One of the biggest mistakes that users make is replicating the same or very similar passwords on multiple accounts. As a result, cracking one password will lead to a domino effect that allows hackers entry into multiple accounts with little effort. All of your accounts should use different strong passwords. Also, they use words such as their first names and last names which should be avoided. It should use a combination of special characters and words that will be difficult to guess.

Use a mix of different types of characters to make the password harder to crack as in the example shown below.
This make it more difficult for the hackers to hack as there will be multiple number of combinations to look into.

The longer the password the better the security. Combining this length with complexity makes a password difficult to guess and/or brute force.

Be careful not to use predictable passwords and avoid the most common ones eg. Password123

Studies have shown that frequent password changes actually lead to weaker credentials. Users are more likely to create short, easy-to-guess passwords because they’re forced to create and remember a new password every couple of months.

Don't leave your laptop, tablet, or smartphone unattended in a public place. Even if you’re working on a secure Wi-Fi network, that won’t stop someone from taking your property or sneaking a peek at your device.

It’s become clear that people, if unchecked, follow very common patterns in password selection. As a result, cybercriminals use lists of common passwords and patterns found in previous breaches to narrow the universe of passwords attempted in their attacks.

Screening your passwords against a comprehensive set of unsafe/commonly used passwords gives rise to a unique set which makes it more difficult for cybercriminals to attack.

Longer passwords more secure

That was done through a brute-force attack, and it all could have been easily prevented if the passwords had been both more complex AND longer. ... Your password needs to be at least 8 characters, needs to have a capital and lowercase letter, a number, and a symbol.

These are different authentication factors for users to verify themselves to better protect both the user's credentials and the resources the user can access. It adds an additional layer of security, making it that much harder for unauthorized users to access your online accounts.