CIS Department Wiki
When it comes to protecting online information, good password techniques are cornerstone. A good password is both a function of password strength, and user practice.
Organizations should never ask for your passwords. There is no "technical" reason to disclose them, so don't! Be very suspicious of anyone who asks.
Many software products exist today that have proven helpful in managing all the accounts and passwords that are used on a daily basis. They do this by storing the unique credentials, while keeping that information secure and encrypted against unauthorized access. You get the benefit of stronger passwords on your accounts that you don't have to memorize. As with any software, be sure to research it to ensure it is secure, reputable and has all the features you need.
Here's one article that talks about several of the popular password managing programs available (LastPass, 1Password, KeePass, Dashlane & RoboForm).
Be cautious when allowing browsers to save your credentials. You should only save passwords in your browser when you are the only one with access to the computer and user account that you are logged into. Never save passwords on a public terminal or on a computer with a shared login account.
Password Policies and Guidelines provides more guidance to create and maintain a strong password.