I use a password manager called KeePass to generate random passwords for each site. Each of which are of varying length(13 character minimum) and composed of random letters, symbols, and numbers. In theory, it being like that makes it easier for brute forcing, but the length of it makes brute forcing not ideal, and the randomness makes a dictionary attack impossible.
This would be a good time by the way to remind everybody that brute force is not the only method used to crack passwords. If you use a password composed of every day words or names, a dictionary attack can be used, where pretty much they take a text file full of different words and names and keep trying them until one clicks. Which is why sites encourage you to add symbols and numbers to your passwords.