After cracking a list of passwords leaked to the Darknet in 2015, two observations were immediately clear; people have taken classic password creation advice to heart, but no one has taught them that technology has rendered it obsolete.
Of the passwords recovered from the hash list, 76-percent of them contained 1-8 characters, thus, only 24-percent of them were more than 8 characters in length. Passwords with a minimum of eight characters, uppercase and lowercase letters, numbers, and symbols were solid rules to live by ten years or so ago. But that was then, these days those rules are obsolete when stacked against modern technology. Use of a password manager is recommended.