by Acorn 5471 days ago
Personally, I use an online password manager (Passpack).

This allows you to randomly generate strong unique passwords for each website, and have them accessible from anywhere.

You are obviously putting trust in the service, but you have to weigh up what is more of a risk: the service going AWOL and stealing your passwords, or someone breaking into your accounts due to bad/repeated passwords.

LastPass is another major online password manager.

KeePass is a great offline solution. There's also 1Password.

1 comments

Don't these online services all have the eggs-in-one-basket problem? The likelihood of them getting hacked might be low, but the impact of such an occurrence would be very high (all passwords exposed).
The possibility of a site getting hacked or being attacked may be low but not unexpected. Many of these services don't know your actual passwords; they just have a file that's cryptographically secure with your passwords in there, which, in the case of an actual breach, only you (the owner/creator of said password list) have the keys to get into. You just have to be responsible enough to know where your keys are to get at that list, or it's lost for good. The likelihood of someone actually cracking into those password files without knowing the password is actually much lower than the site storing them getting compromised. And in the event of 1Password, if and when they become aware of a breach, they're usually upfront about it and require you to reset your master password before you can use the service again for the sake of security.