Passwords are supposed to be the primary filter of access of a delicate bit of information. Only those with privileges to enter what’s inside are supposed to have the passphrase, so it should be, long, secure, easy for the person to remember, and hard for strangers and external agents to guess.
Passwords are also supposed to be managed with responsibility. If you are using your social media outlets, or more importantly, your banking account, you should be aware of what you do with those little sentences you write to access them.
Establishing stupidly easy passwords such as “1234” or your birthday is a common mistake that often leads to online privacy risks. Also, users should log out of their accounts in all cases: avoid skipping this step.
Don’t make it too straightforward for attackers to steal your digital assets or identity. Protect yourself with a strong password, two-factor authentication, finger ID, and good habits when it comes to your passphrase.
The only problem here is memorizing this password assuming that you don’t have a photographic memory, in this case, a combination of number and words that has meaning might be helpful, but be sure to make it as complex as possible in order won't be guessed easily. You’ll need to think about how to come up with a memorable password. Just keep in mind that words in which are part of the dictionaries are not safe passwords.
If your password is too short, or contains dictionary words, places or names- then it can be easily cracked through brute force, or guessed by someone. The easiest way to make a strong password is by making it long (12+ characters)- consider using a 'passphrase', made up of many words. Alternatively, use a password generator to create a long, strong random password.
If someone was to reuse a password, and one site they had an account with suffered a leak (data breaches occur approx every minute!).This is usually will be done through large-scale automated login requests, and it is called Credential Stuffing. Unfortunately, this is extremely common, but simply you could prevent such threats just by using a different password for each of your online accounts