It doesn't really matter how many you have, you still need to protect them. Encrypt your laptop, lock your screen when you get up for a break, etc, etc.
Personally, I use one key pair per source user/device pair and then comment in the authorized keys where each public key is from. To me, it is more likely that a user/machine pair will be compromised than a key. This makes cutting a compromised box or account off easy. :-)
Personally, I like to have different keys that I treat with different levels of care/paranoia. I'm not particularly worried about leaving my github key 'added' to my ssh agent 24/7, but I don't do that with my work production key.