It was actually the passwords to YP Chat, not Youporn itself. The Yourporn guys are pretty reasonable engineers and sysadmins, from what I've seen, and manage user passwords correctly.
Personally, I think in 2012, if you're not using a password manager to generate and manage unique, strong passwords per site, especially for "sketchy" stuff like porn sites, you're already doomed.
Also, Presidents Day and other minor useless holidays are great times for annual rituals like tracking down and changing any legacy shared passwords you may have. Don't wait for a breach!
Yet, friends and HN hackers alike have scoffed at my attitude which is roughly the same as yours. If you're blindly trusting sites with a non-unique password, it's only a matter of time.
(edit) To get ahead of the repeat replies, LastPass syncs across browser extensions, encrypt/decrypts locally, can be accessed from any browser even without an extension and has mobile apps. I've been using it for probably two years now and I've never not been able to access an account even when using all varieties of guest computers, iPads, etc.
For the ones that store information in a local file, that could work. But then a lot of the mobility is lost, even if you use something like Dropbox (you are not going to sync behind a corporate firewall, for instance). At least my brain is attached to my head and is very portable, I just have to remember the damn things.
That said, do you have recommendations?
The one thing I'm waiting for is iCloud integration. If they don't provide iCloud integration, I'd consider other options (including trying to roll-your-own, maybe using their extensions and spoofing the IPC)
Edit: Here's a link (no ads or other junk). http://16s.us/sha1_pass/
I do, however, use a simple templated password. By including a few unique characters (following an easy to remember formula from the sites domain name) in an already strong base password, I can use dozens of unique passwords without any special environment.
If you carry a smartphone, there are several password safes available for these as well.
Clipperz (web-based) and KeePassDroid work for me.
On my primary systems, a simple text-based database GPG encrypted.
Your password template may or may not be good practice. From random cracking, probably safe. If someone takes a particular interest in you and has prior knowledge of your scheme and several revealed examples, other passwords may become discoverable.
I'm not sure how best to make it part of the site sign up process on the server side. The other hassle is you now really want to also link mobile platforms, so unless you're all apple, it's kind of tricky. You could possibly do a web-based password manager instead of something local (there are a few options), or if you're all-apple, 1Password (which doesn't even work perfectly on iOS).
The other way is to just move everyone to Facebook Connect or other third-party identity services, but there are a bunch of problems with that. If there were a single-signon provider which were only single signon, vs. profiles and all the other stuff, it would be more acceptable, but even then, just linkability of all your accounts is a security and privacy compromise, as well as being a single point of attack and failure.