That password of yours: you know, the clever, eleven-letter one consisting of a word that is in no dictionary of any known language, plus some numbers, and which is also profoundly memorable to you — that Windows password, yes, that is protecting all your most intimate files — how long do you think it would take to crack?
About 30 seconds, you say? From a public web page? You may be an optimist. Some passwords can be done in four seconds by this technique. But the moral is clear. A password without punctuation is worthless.