This is incomplete advice. The more important concept is to have different passwords on every website, and to use two-factor authentication whenever possible. Here's a list of vulnerable sites.