Re: I was "hacked" via RDP
Having a 30+ character password is not ideal though in terms of convenience.
If you feel you are a juicy enough target, then surely login with a client certificate (maybe stored on a USB security key) is the way to go.
RDP (well, mstsc.exe at least) also supports optionally having the server present its own client certificate to you at login time so you can be sure you are not connecting to a spoofed server configured to look like yours. Time-consuming to set up but no particular expense involved if you can use self-signed certs.
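One way to set up the self-signed server-identity check described in the post above, as an added example that is not part of the original post. The host name, file paths and saved-connection file name are placeholders, and the first half runs on the server while the second half runs on each client.

```powershell
# Added example: placeholders are marked; run each half in an elevated PowerShell.

# ---------- On the RDP server ----------
$hostName = 'rdp.example.internal'      # placeholder: the name clients type into mstsc
$cerPath  = 'C:\Temp\rdp-server.cer'    # placeholder: public certificate to hand to clients

# Self-signed certificate limited to Server Authentication, private key not exportable.
$cert = New-SelfSignedCertificate -DnsName $hostName `
    -CertStoreLocation 'Cert:\LocalMachine\My' `
    -KeyExportPolicy NonExportable `
    -TextExtension @('2.5.29.37={text}1.3.6.1.5.5.7.3.1') `
    -NotAfter (Get-Date).AddYears(2)

# Point the RDP-Tcp listener at the new certificate by thumbprint.
$ns       = 'root\cimv2\TerminalServices'
$filter   = "TerminalName='RDP-Tcp'"
$listener = Get-CimInstance -Namespace $ns -ClassName Win32_TSGeneralSetting -Filter $filter
Set-CimInstance -InputObject $listener -Property @{ SSLCertificateSHA1Hash = $cert.Thumbprint }

# Read the setting back and fail loudly if the listener did not accept it.
$bound = (Get-CimInstance -Namespace $ns -ClassName Win32_TSGeneralSetting -Filter $filter).SSLCertificateSHA1Hash
if ($bound -ne $cert.Thumbprint) {
    throw "RDP listener is bound to $bound, expected $($cert.Thumbprint)"
}

# Export the public certificate only (no private key) for distribution to clients.
Export-Certificate -Cert $cert -FilePath $cerPath | Out-Null
Write-Host "Server thumbprint: $($cert.Thumbprint)"

# ---------- On each client ----------
# Copy the .cer over a channel you trust and compare its thumbprint with the value
# printed on the server before importing it as a trusted root.
$clientCer = 'C:\Temp\rdp-server.cer'   # placeholder: where the copied file was saved
$imported  = Import-Certificate -FilePath $clientCer -CertStoreLocation 'Cert:\LocalMachine\Root'
Write-Host "Imported thumbprint: $($imported.Thumbprint)"

# Saved connection that refuses to connect when server authentication fails
# (authentication level 1 = do not connect; 2 would only warn).
$rdpFile = Join-Path $env:USERPROFILE 'Desktop\my-server.rdp'   # placeholder file name
@(
    "full address:s:$hostName"
    'authentication level:i:1'
) | Set-Content -Path $rdpFile -Encoding ASCII
```

If the listener falls back to its auto-generated certificate after a service restart, check that the NETWORK SERVICE account can read the new certificate's private key.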