A guy at a recent security conference told me he uses your technique of base + pattern. While that method stops an attacker who is blindly trying the credentials elsewhere, it still leaves me uneasy -- if two or more databases with your account get popped, the pattern used on all your other accounts can be exposed.

I prefer two factor when possible such as Google Authenticator, sites that challenge logins from new IPs or w/o a stored browser cookie, etc. Barring that, "minor" sites like ZDnet get a very long randomly generated password stored in an offline open source password manager like Keepass. I never know the password to ZDnet - I just cut and paste.

Of course, there are still weaknesses to using a local password manager (compromise of the local machine being the big one), but I still find it preferable to password reuse - even partial password reuse. If they've got your local machine, you can have keystrokes logged and lose the passwords either way.

"...people would figure that one out on their own pretty quick. They're good at determining the things that aren't *that* important from the things that are."

I would argue that people are often NOT capable of accurately assessing risk. Bruce Schneier gave a great 2011 TED talk on how people make security decisions, and how their logic often goes awry. http://www.ted.com/talks/bruce_schneier.html