I've talked about this before on the blog. However, this is a good place to give a reminder.
Please use a different and very random password on each website, don't just change one
letter or add a number to the end of your password, because that's easy to guess.
To do this I recommend using a password manager like LastPass.
Check out how to use it to its best on the giffgaff blog here.
Easy to say, but then you end up either having a single point of failure or people have so many different passwords that are so complex they write them down and that defeats the whole purpose...
I configure a certain word and numbers with a unique identifier for each account
e.g. pasS1g2i3f4word! That uses the word password with the numbers 1234 identifier gif interspersed through numbers, capital on 3rd letter and ! at the end.
And when asked for my mother's maiden name when setting things up I use another relative's just so it can't be hacked too