FWIW, I use a password manager (Keepass/Keepass2, tho there are other good ones). It's another step or two in my workflow, but let's me have a unique, very strong password for everything I log into. Greatly reduces the impact of password dump attacks.