I encourage you to take a moment, click on the source link below, and read the article from c|net that talks about password management. After reading this article myself, I strongly endorse all the points that are made; especially the use of a password manager, but there were two points that jump out to me that I see people at home doing all the time:
1 – People use weak passwords (and never change them)
2 – People will use those same weak passwords on multiple accounts.
Longer passwords are better: 8 characters is a starting point
8 characters are a great place to start when creating a strong password, but longer logins are better. The Electronic Frontier Foundation and security expert Brian Kerbs, among many others, advise using a passphrase made up of three or four random words for added security. A longer passphrase composed of unconnected words can be difficult to remember, however, which is why you should consider using a password manager.
Don’t recycle your passwords
It’s worth repeating that reusing passwords across different accounts is a terrible idea. If someone uncovers your reused password for one account, they have the key to every other account you use that password for.
The same goes for modifying a root password that changes with the addition of a prefix or suffix. For example, PasswordOne, PasswordTwo (these are both bad for multiple reasons).