The problem with the XKCD random-dictionary-passphrase approach to passwords is the fact that you should never have the same password for everything, or even more than one thing. While one random passphrase can be very easy to memorize, it becomes exceptionally difficult to memorize several of them, not to mention which random passphrase goes with which website.
I currently use a password scheme using a mental algorithm where parts of the URL are transformed into password elements (to aid in remembering the passwords since this makes them different for every site).
Though, I'm rapidly growing in the opinion that the best and most secure password option is to use a password "vault" program/app like LastPass, KeePass, etc., secured with a single, secure randomized dictionary passphrase, that uses strong, completely randomized, site-unique passwords for each site.