Context is that I had to register for a lot of accounts recently and some of the rules really make no sense.
Not name-and-shaming, but the best one I’ve seen recently is I might have accidentally performed an XSS attack on a career portal using a 40-digit randomly generated password…
I memorized a handful of randomly generated passwords in high school (around 2005) and never looked back.
These days I use a password manager, but for semi-low security stuff (on my LAN) I use one, for my Apple account a long combination of three. And that’s it! The password manager is where it’s at.
Just one of my passwords was leaked in data breach (from back when I was younger and recycled passwords) so that one’s out, but otherwise I’m doing pretty well with the memorized randomly generated passwords.