Never use a dictionary word as the password. Doing so makes it easier for hackers to gain unauthorized access by checking all possible dictionary words for a match. This type of attack is known as “Dictionary Attack”, and software can be designed to make the attack automatic.
Usernames, IDs, important dates (birthday, anniversary), names of friends or parents, common phrases like "password", "qwerty", "abcdef123456" etc. should never be used as passwords. Use a password unrelated to your personal information.
Your password should be long and a combination of uppercase letters, lowercase letters, numbers and special characters like #, @. Use different passwords for different accounts. Be careful while setting a password hint.
If possible, remember your passwords. But with too many passwords, it is not easy. If you have to write down your passwords, keep it in a secure place so that nobody can access it. Another option is to use a trusted password manager.
While choosing a password manager, be extra careful. Read reviews and check the popularity of the brand. If your password manager company gets hacked, a hacker may have access to all of your credentials.