Passwords are hard to make secure these days, and we need more than one password, because if your one password gets stolen the malicious person can access everything you own. The problem with having so many passwords is that we can no longer remember them. So what do we do when we can't remember passwords? We write them down in a notebook. What is wrong with writing them in a notebook? Well, say someone finds it in your house, or you keep it in your purse. You lose all your passwords and someone else knows them. Another issue is that when we make a password, we don't come up with something random; we usually make it something memorable, which means it's something like married1998 or spotthedog23. These are some of the worst passwords one can come up with. Why? Because hackers know people do this and can guess them easily. So the passwords you really need should look something like B^xD2$9zXP@#9t68w4U4UJ5r%J77SV. But there is no way you would want to type that or be able to remember it, so this is where password managers come into play.
Password managers keep track of all the passwords you use, make it easy to use them, can generate unique passwords for the sites you use, and encrypt your passwords using a Master Password to protect them from simply being stolen. These are all great reasons to use a password manager.
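To put numbers on the gap between a memorable password and a random one, here is an added example (not part of the original post) that generates a random password with Python's `secrets` module and estimates the guessing effort for both styles. The symbol set, the 30-character default and the 100,000-word dictionary size are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Assumed character set for this example: letters, digits and a few symbols.
SYMBOLS = "!@#$%^&*"
ALPHABET = string.ascii_letters + string.digits + SYMBOLS
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS)


def generate_password(length=30):
    """Return a random password drawn from ALPHABET using the OS CSPRNG."""
    if length < len(CLASSES):
        raise ValueError("length must be at least 4 to fit every character class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Rejection sampling: retry until every class is present, so the
        # result passes typical site rules without fixing any position.
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def random_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on entropy (bits) of a uniformly random password."""
    return length * math.log2(alphabet_size)


def pattern_bits(wordlist_size, digit_count):
    """Entropy (bits) of 'dictionary word + digits', e.g. married1998.

    wordlist_size is an assumed size for the guesser's dictionary.
    """
    return math.log2(wordlist_size) + digit_count * math.log2(10)


if __name__ == "__main__":
    print("generated:", generate_password())
    print(f"random, 30 chars:       ~{random_bits(30):.0f} bits")
    print(f"word + 4 digits (100k): ~{pattern_bits(100_000, 4):.0f} bits")
```

Each extra bit doubles the number of guesses needed, so the difference between roughly 30 bits and roughly 184 bits is the difference between a list a guesser can exhaust and one nobody can.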
Here are some password managers I recommend:
Open source, and audited. Works for all browsers and platforms. Similar to LastPass in operation.
LastPass is a cloud-based password manager which stores all your passwords in their data center and syncs them between the devices and browsers you use. One issue with going with a cloud-based password manager is that if they don't do security right, malicious people can possibly break in and steal all your passwords. This is something LastPass has done right.
They have had break-ins in the past; however, each time nothing important was stolen and they learned from their mistakes. At most, what was stolen was a hash of the master password, and they hash the passwords so well that it's incredibly hard to reverse the hash into the actual password. For this reason, this has become the password manager for me.
They allow one type of device for free, Mobile/Tablet/Computer, but if you want to use more than one, it costs $12 a year, which is a steal for something that protects your online life.
This is an open-source password manager which is free, but platform availability is limited. It was made for Windows, but has unofficial releases for Linux, Mac, Windows Phone, Android, and iOS. I don't personally trust "Unofficial" releases, so I'm sticking with LastPass.
This password manager is quite nice; the only thing that prevents me personally from using it is that it doesn't support Linux and is expensive, in my opinion, at $50.
Now my recommendation on how to do passwords is as follows.
This is what you have to do until Public Key encryption becomes popular. The one I'm waiting for is https://www.grc.com/sqrl/sqrl.htm.