Not that anyone probably cares, but here's my basic website password security scheme:
- sites that I deem important/sensitive, such as my banking sites, paypal, work, etc. get unique, strong passwords
- sites that I consider to not be highly sensitive, ie., I won't lose money if someone gets into my account, such as DC, or cracked.com, or whatever, gets a password that's mostly the same as every other similarly non-sensitive website. I do change the starting letter of the password to match the site's domain name - that gives these passwords some very small measure of uniqueness.
This works well for me because I don't have to work at all to remember most website passwords. Of course, I'd rather those accounts not get hacked, but I won't be seriously hurt if they do so I don't feel I have to put a lot of effort into password security for them. However, those passwords are still generally different enough from one another that if one site gets hacked and a list of userids & passwords gets into the hands of hackers (such as with the Adobe breech), those hackers won't get into *all* of my website accounts. And the few that they might get a match on will be more or less worthless to them - at least as far as bringing any kind of harm to me. Getting one of those passwords does nothing to help them get a password for any of the sites I consider sensitive.
The key is that the "common" password I use has a mix of letters, letter case, numbers, a punctuation character, and a length that's long enough, but not too long.
This lets that password get through nearly every 'password strength requirement' filter out there, but still fits constraints that some sites have. It probably doesn't happen too often anymore, but in the past I have come across web sites that don't allow password to be longer then 8 characters or don't allow characters like quotes or slashes. So my common, base password doesn't violate those rules. But it's still complex enough to make most sites happy.
Anyway, that's how I deal with password management.
Irritating password constraints trivia: I recall one website that wanted passwords to be no shorter than 6 characters, but no longer than 8 characters - what???