We all know the rules - don't use the same password, don't use identifiable information in your password, keep your password secure and don't share it, but we don't always follow them!
Your best defense against a cyber criminal is having a strong, unique password coupled with multi factor authentication.
Contrary to popular believe, small accounts and individuals can be attractive targets for cyber criminals! They may only make $5 for a small hack but when conducting a wide spread attack over 1000's of people, $5 per target starts to add up.
We always recommend, for business and personal life, to use a Password Manager. The number one benefit is you can have huge complex passwords for all of your accounts, but you don't need to remember them! You just have one secure password (and multi-factor authentication) to access the Password Manager that you remember and the rest of the work is done for you.
LastPass recently published an eBook on the psychology of passwords, you can read more about it here.