> He apparently had reused his LinkedIn password — "dadada," according to the group that took over his Twitter account — across multiple accounts, and had never changed them.

Wow... just wow.

> **Consider using a password manager.**

This is the best thing you can do if you want your passwords to actually be secure. 

Creating unique strong passwords for each website that you can actually remember is hard. You will either keep forgetting them or more likely you will start compromising the strength and/or uniqueness of the passwords so that you can actually remember them. Don't do this. Instead, use a password manager and let it generate and save the unique strong passwords for you. Then you only need to remember one strong password.

This is especially important for Steemit because attackers can brute-force your password all day long without any rate-limiting. If a hacker is targeting you specifically and your password is weak, they will eventually break it and permanently steal your account. So please, use a password manager. And it would be even better if you also use a separate randomly-generated owner key that you normally store offline.