I encrypt some data with gpg -c before storing it online (offsite backups are useful after all). However I'm now contemplating whether my password is vulnerable to brute forcing. May need even more bits of entropy, while still being able to remember it in case the backup needs to be restored on a fresh system.

just use a long, randomly generated passphrase and write it down on paper. you'd be surprised how quickly muscle memory sets in after you type it a few times, and if you forget you always have the paper backup (keep it in you wallet or desk).