Originally Posted by dsdwe234sfd23:
5) Use long, random, passwords. Nothing is more important than length (20+ characters) and being random. Never use dates, words, names, places, l33t-sp34k.
6) Never reuse passwords. Basically, use a password manager to ensure all online accounts are using different, long, random, passwords. If you never have to type the password, why not use 50+, random, characters?
[...]
Did I mention staying patched, using long, random, passwords, and having versioned backups? Those 3 things are the most important of all of them.
I disagree with point 5. You may want to take a read of the following for full reasoning, but TL;DR: you don't need random characters with a long password:
https://en.wikipedia.org/wiki/Diceware
Yes, if you're using a password manager then there's no difference whether or not you use random characters. But you still need (to remember) a password to protect your password manager, system login passwords, and possibly email or bank passwords that you use regularly when you might not have a password manager with you.
What ends up happening is that people use shorter, insecure (but maybe random-character-containing) passwords for those common use cases, when it's just as easy to remember a much more secure long password using the above schema.
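An added example, not part of the original post: it compares the entropy of a random-character password with a Diceware-style passphrase and generates a passphrase with a CSPRNG. The 16-word sample list, the 94-symbol printable alphabet and all function names are assumptions made for the illustration; real use needs the full 7776-word Diceware list.

```python
import math
import secrets
import string

DICEWARE_WORDS = 6 ** 5  # 7776: each word is picked by five six-sided dice
PRINTABLE = string.ascii_letters + string.digits + string.punctuation  # 94 symbols

# Constructed 16-word sample list, for the demo only. Real use needs the full
# 7776-word Diceware list; a short list gives far fewer bits per word.
SAMPLE_WORDS = ("anchor brick candle delta ember fossil garnet harbor "
                "island jigsaw kettle lantern magnet nickel orchid pebble").split()

def random_chars_bits(length, alphabet_size=len(PRINTABLE)):
    """Entropy in bits of `length` characters drawn uniformly from the alphabet."""
    return length * math.log2(alphabet_size)

def passphrase_bits(num_words, list_size=DICEWARE_WORDS):
    """Entropy in bits of `num_words` words drawn uniformly from the list."""
    return num_words * math.log2(list_size)

def words_to_match(length, alphabet_size=len(PRINTABLE), list_size=DICEWARE_WORDS):
    """Fewest words whose entropy is at least that of a random-character password."""
    return math.ceil(random_chars_bits(length, alphabet_size) / math.log2(list_size))

def generate_passphrase(wordlist, num_words, sep=" "):
    """Pick words with a CSPRNG; return (passphrase, entropy in bits).

    The entropy figure holds only because every word is chosen uniformly at
    random. Words a person picks themselves do not get this guarantee.
    """
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("duplicate words shrink the effective list size")
    words = [secrets.choice(wordlist) for _ in range(num_words)]
    return sep.join(words), passphrase_bits(num_words, len(wordlist))

if __name__ == "__main__":
    for n in (8, 12, 20):
        print(f"{n} random printable chars = {random_chars_bits(n):.1f} bits, "
              f"matched by {words_to_match(n)} Diceware words")
    phrase, bits = generate_passphrase(SAMPLE_WORDS, 6)
    print(f"sample: {phrase!r} ({bits:.0f} bits from a 16-word list; "
          f"{passphrase_bits(6):.1f} bits with the full list)")
```

Each Diceware word contributes about 12.9 bits against about 6.6 bits per random printable character, so a passphrase needs roughly half as many words as the random password has characters to reach the same strength.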