Passwords and management of them, is one of the most frequent problems I come across.
Typically you have an account name and an associated password for each system you use.
For example, most users have a Microsoft Account and password, an Email account and password (e.g. BT, TalkTalk, sky), maybe an anti-virus account and password (e.g. Norton, McAfee, F-Secure).
As good practice, passwords should be at least 8 characters in length, a mixture of upper and lowercase letters, and at least one number or special character (e.g. #, @, $) Also ensure that your password does not use a proper word which can be easily worked out using a dictionary attack.
I generally substitute zeros for the letter O, or swap 1 for the letter “I”. This not only makes your password harder to guess but makes it no longer a word. So for example if “Liverpool” was going to be my chosen password, I would amend it instead so it showed as “L1verp00l”.
Passwords should be changed on a regular interval, but not so it becomes a pain. Usually if you change it twice a year that should suffice for most users.
Next, do I use the same password for all my accounts? A hard one to answer this, if you do and your password is compromised then the hacker would have access to all your accounts, where as if they are separate for each account then only one account is compromised.
Finally, how do you remember them all? I write mine down in a book and keep it in a safe location away from my computer but accessible if I ever forget a password, which I do at times!