Keeping separate passwords for everything is simply not practical - nobody can remember that much. So they write them down. And because they need to look up passwords constantly, they keep the list easily accessible, i.e. easily compromised.
IMO a viable alternative is to have a few separate passwords based on how sensitive they are. Personally, I use three:
- One for regular websites where I wouldn't mind losing the account (game forums, throwaway registrations, etc.)
- One for stuff that would be seriously annoying to lose or where money is spent (my personal site, various shops, etc.)
- One for everything where money is kept or which could be used to compromise other sites (banking, paypal, ebay, google mail)
IMO a viable alternative is to have a few separate passwords based on how sensitive they are. Personally, I use three: - One for regular websites where I wouldn't mind losing the account (game forums, throwaway registrations, etc.) - One for stuff that would be seriously annoying to lose or where money is spent (my personal site, various shops, etc.) - One for everything where money is kept or which could be used to compromise other sites (banking, paypal, ebay, google mail)