Your passwords should be strong: at least 8 characters (more is better), and a mixture of upper case, lower case, numbers, and special characters. Not in a dictionary, or "12345" or "qwerty", or the name of your dog.
You password should be unique: different for every web site. If you use the same password on multiple sites, and your account is compromised, all your accounts will be compromised.
But how can you manage dozens or hundreds of different passwords, so complex that you can't possibly remember them all? A fantastic program called LastPass will manage them all for you, and in fact will automatically fill them in for you! It will also offer to remember passwords for new sites, detect password changes automatically, store form information (name, address, phone number, etc.), and securely store sensitive information like Social Security numbers and credit cards. It can share this data across multiple platforms (Windows, Mac, iOS, Android, Linux) and multiple browsers (Internet Explorer, Google Chrome, Opera, Safari, Firefox). And best of all, it's Free! Well, unless you want to use it on a mobile device, then it costs $1/month. All you need to remember is one, secure, password to get to your vault.
LastPass has beeen tested and verified to be secure - they only store encrypted data on their servers, never unencrypted. I've personally been using it for a number of years, with no issues whatsoever. Check it out, post back here what you think, or what you use to manage your passwords!