yeah its bad feeling; i got stung on the latest linkedin leak from 2012 :(
luckily for me i use a password managers and don't even know my own passwords; can be a pain in the arse because you can never login to anything unless you have your password manger handy but i prefer it that way. Also if you go down that path make sure you have really thought out you backup procedure and ensure you have 3 copy's that are frequently updated and stored in geographically separated locations! otherwise one day it might all come tumbling down very quickly
some people use a password system which is a set of rule that allows them to generate password in their mind; i don't mind that idea either; just never sat down and tried to nut out good rule that would generate good passwords that could be recalled when i need them.
Any one use a password System and care to share generic/modified details of such a system for the benefit of the community?
I'm using a password manager with random generated password and 2FA for my most critical account (like email or amazon)
Then I have several password that I kind of reuse depending on the service I'm registering to. All being derived from an old 8 random characters password dating from my first internet connection 20 years ago.
The system I'm using account that don't old any important information is as follow:
8-10 letter/number password + (special character) + n first letter of the neme of the website I'm on starting wih a capital letter.
It looks something like : g3n3r1cp4s%Steemi
Of course if you get infected with a keylogger you're screwed.
That's why I never use it for any account with sensitive information and wouldn't recommend if for anything that you don't really care being hacked.