Obviously, there is no way that regular humans can remember different, long, random passwords for all the Internet locations they use. That is where password managers help.
A password manager is a highly secure database which locks individual passwords behind one master key. The user needs to sign in using that secure credential, and then all the others are available. Good password managers will automatically fill in whatever a site needs (after authorizing it with the secure password, of course). Just as importantly, they can generate a completely random password of whatever length and complexity desired when first signing up to a site. This guarantees the new password will not be something in an online dictionary. Further, by creating a new password for every site, one need not worry about a hack of one location creating a security hole in another.
Many password managers are cross-platform, meaning that they can be used on the different devices typically owned by a user, with the passwords always available. Several use a “trust no one” model, so even the software provider itself cannot access the password list. This is important in case they are breached themselves.
While “trust no one” is good, it also means that one cannot ever forget their master password. If it is forgotten, even the software vendor will not be able to help, and the encrypted password list will be lost. Although this sounds scary, there are provisions for backup passwords that can be created in advance to prevent that.
Optional Videos: For more information about how a typical password manager works and how to get started, watch Bite-Sized CPD – How to Use a Password Manager [7:03 minutes]. In Lessons from the LastPass Breach [8:08 minutes] we review some valuable lessons you can apply to your own cybersecurity.