RE: Have You Been Pwned? <- great resource for all
I'm using a password manager with randomly generated passwords and 2FA for my most critical accounts (like email or Amazon).
Then I have several passwords that I kind of reuse depending on the service I'm registering to, all derived from an old password of 8 random characters dating from my first internet connection 20 years ago.
The system I'm using for accounts that don't hold any important information is as follows:
8-10 letter/number password + (special character) + the first n letters of the name of the website I'm on, starting with a capital letter.
It looks something like: g3n3r1cp4s%Steemi
- It's good because it's easy to remember once you remember the first part.
- You have your number, special character and capital letter that most password rules ask for.
- Decent strength against brute force attacks.
Of course if you get infected with a keylogger you're screwed.
That's why I never use it for any account with sensitive information and wouldn't recommend it for anything that you don't really care about being hacked.