Is there a doctor in the house?

There is much advice about how to choose passwords, and much of the advice is bad. It doesn't consider the threat models, it doesn't consider human fallibility.

You do not want to remember many passwords. You should remember as few passwords as possible, while still using a different password for every site. So the best solution is to use one of the password management tools and let it generate very strong passwords for you.

Then you just remember your password to get into that tool, and perhaps one or two others where you have no choice, such as for buying things on a tablet computer.

You take backups of the password tool's database, and you consider printing out the passwords to put them in a safe, protected by trained attack tigers.

If you really must treat passwords for remote web-sites as something which mere humans have to remember, and you accept that you're fighting a losing battle but are prepared to fight valiantly nonetheless, then here is some advice.