You'd be surprised how many people just aren't that wise in relation to their passwords. According to some data graphic released after the gawker attack, a ridiculous percentage of registrants actually used "password" as their password and it may be reasonably assumed that most people use a single password everywhere for ease of remembrance.
Of course, this means whenever a password is compromised, anyone can use it to attempt to access accounts and the poor sot holding them is wide open to further abuse.
It's a good idea to have some manner of convention for passwords (patterns or methods of generating them for yourself that are easy for you to remember, but difficult for others to guess). Some of the ones that have served me well in the past include:
- taking my initials and translating them to either numbers or to numbers and then dividing them by X (some easy to remember number of my choosing and, of course, dropping any remainder/fraction), AND
- combining that result with my numeric street address ("3745 Any Street" becomes "cgde"), AND
- taking my 5 digit zip code and dividing it by X (as mentioned above) and using the result (sans decimal)
The result of the above (for me) would be:
166cgde49002 (and no, this is not my current password. heh.)
Or, for WoW, a similar function might be:
- converting the first three letters of my character name to numbers (16 8 25)
- converting my current achievement score to letters (D F D E)
- dividing my character's current level in half (42 [ignoring the fraction] )
The result could serve nicely as a password: 16825dfde42 (also not my current password!)
You get the idea.
Obviously, a system easy for you to use and remember might contain very different means of arriving at something, but the idea is to have something in place.
Also, to change up ALL your passwords at least once a year (most would recommend once a quarter, and if you're using sites where compromised accounts are known or in any way regular, once a month).