If we stay with our principles, that passwords should be easy to remember, never written down, and never shared, then we should already have all we need to know, right? Yes! We’re done! I’ll stand by that answer.
At exactly the same time (conundrum/paradox) I can say good things about the idea of password managers. A good password manager can keep track of your passwords for you, in a secure way. A password manager opens up the opportunity for very long, very complex passwords that defy being remembered or reversed. As much as I’ll defend the earlier principles, that doesn’t contradict the fact that long, complex, non-memorable passwords are also a good thing.
There are many password managers out there: some quite expensive, some affordable, and a lot are free! I’m a big fan of LastPass. It has served me well for years, and frankly, I haven’t had reason to check out any others. LastPass was extensively reviewed by Steve Gibson on Security Now episode 256. It is well worth checking out in the free version, or for an almost trivial fee, get the Premium edition, which does great things on your smartphone. Managing a large network? Check out the Enterprise edition.
6/9/2014 update: Worth mentioning: a password manager can help you out with a lot of that irritating stuff like auto-logging in at hotels and coffee shops. These are so different from the typical “security” needs. You still need to be careful, but the passwords are often not under your control.