i use a password gen. with 12 chars. mixed with #s and letter both lower case and upper case then i write it down on paper.
I use new one each account and password i need i aslo try to change them every 30 - 90 days.
list of sites you may need to change pass http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
with all these passwords leaks ,make your passwords fool n future-proof https://identitysafe.norton.com/password-generator#
check out /r/heartbleed
Password Generator by Norton easy to configure and generate a bunch of passwords at a time, if you don't have a password vault, it's nice to be able to generate a bunch to choose from
Norton provides a free online password generator up to 32 characters.
GRC provides a free online password generator up to 64 characters.
The only reason is to check it out imo as it is not free forever.( at least not the full version) The site directly implies its better then Norton's Identity Safe without any proof, (so they feel NIS is there prime competitor) but NIS is very good and free forever. There are more free password protection programs out there and I only bring up Norton's because they themselves use it as a example and I have used it extensively.
https://identitysafe.norton.com/ for anyone that wants to check it out and compare for themselves.