
All my passwords are passphrases, randomly generated and stored in my password manager. Usually 10 words, for about 130 bits of entropy. E.g. PledgeRoutineSuitableBunkhouseExceptionCremeReassureChildishPhrasingNuclear, which is 76 ASCII characters but only 10 symbols.

They're stored in a password manager, but they're typeable if needed. My "security question" answers (mother's maiden name, etc.) are generated the same way, unique per use, and also stored in my password manager.

Most sites don't need 128 bits of entropy. But things like banking or subscriptions should have at least 112 bits of entropy. And it's easy to just set the generator to 10 words by default.
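The arithmetic behind the comment above, as an added example that is not the commenter's code or any password manager's implementation: it draws words with the OS CSPRNG, joins them in the same capitalised style, and computes how many words a target strength needs. `DEMO_WORDLIST` is a constructed stand-in of 8192 synthetic tokens (13 bits per word), and the function names are hypothetical.

```python
import itertools
import math
import secrets

# Constructed stand-in wordlist (not a real dictionary): 16*4*16*4*2 = 8192
# distinct lowercase tokens, i.e. exactly 13 bits per word.
DEMO_WORDLIST = ["".join(p) for p in itertools.product(
    "bdfghjklmnprstvz", "aeio", "bdfghjklmnprstvz", "aeio", "ns")]

def bits_per_word(wordlist):
    """Entropy of one uniformly chosen word; duplicate entries add nothing."""
    return math.log2(len(set(wordlist)))

def words_needed(target_bits, wordlist):
    """Smallest word count whose total entropy reaches target_bits."""
    return math.ceil(target_bits / bits_per_word(wordlist))

def generate(wordlist, n_words):
    """Return (passphrase, entropy_bits), drawing words from the OS CSPRNG."""
    words = sorted(set(wordlist))
    if len(words) < 2:
        raise ValueError("wordlist needs at least two distinct words")
    # Joining capitalised words is only unambiguous when every word is
    # lowercase ASCII letters; otherwise two different word sequences could
    # join to the same string and the computed entropy would be overstated.
    if not all(w.isascii() and w.isalpha() and w.islower() for w in words):
        raise ValueError("words must be lowercase ASCII letters")
    chosen = [secrets.choice(words) for _ in range(n_words)]
    phrase = "".join(w.capitalize() for w in chosen)
    return phrase, n_words * math.log2(len(words))

if __name__ == "__main__":
    phrase, bits = generate(DEMO_WORDLIST, 10)
    print(f"{phrase}  ({len(phrase)} chars, {bits:.0f} bits)")
    for target in (112, 128):
        print(f"{target} bits needs {words_needed(target, DEMO_WORDLIST)} words")
```

The entropy figure counts only the random word choices and assumes the attacker knows the wordlist and the joining scheme, so the character length of the result does not enter into it.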



