There seem to be millions of passwords and pin numbers you have to remember. Bank, email at home and work, network at home, network at work, video shop, library card etc, etc etc. And you are told to change them all frequently and not to write them down anywhere LOL!
The rules for password protection are sound. I've followed them for years. I have a generic password I use for everything that is of low importance. And secure passwords for high safety items like email accounts and banking etc.
I always use a mixture of upper, lowercase, and numerals.
However, that didn't prevent my GMail account from being hacked into from within webmail, and an email with a Korean website address was sent out in my name to everyone I had in my address book.
I am very careful where I use this GMail address too - its what we consider the family account. I have three other GMail addresses that I use, that I consider "disposable" addresses for when I don't want people to know who I am etc.
The best thing to do in circumstances like this, is to change your password and contact your ISP and your webmail provider.
My ISP reassured me that it didn't come from my computer - so that confirmed my home network firewall and security controls were working. They suggested that my password had been hacked - there is software that can do this, no password is 100% inviolate.
I've had no repeats since then. And will remember to change my password a wee bit more frequently than I used to.
I would be very hesitant to use a password generator. I don't like anyone else other than me knowing my passwords.
I am a heavy user of Facebook, and I think I don't think I get up to anything, that I wouldn't be happy to share with everyone. However, I am careful who I invite as friends, and I make best use of privacy controls as I can. Only my friends can see everything. I don't want everyone in the world having access to photos of my daughters or my nieces and nephews for that matter.
I think Facebook should make the controls easier to understand. It took me some time to get my head round all the different bits. A less technical person couldn't be blamed for being completely lost!