In general, passwords should be at least 8 characters long and include a variety of lower case letters, capital letters, numbers, and symbols. It is also a good idea to use a unique password for each of your accounts online. Many accounts also support Multi Factor Authentication (MFA, or sometimes referred to as Dual Factor Authentication, DDA, or 2-step authentication). MFA requires users to enter a password to their account, and then verify their identity through a secondary source. This might be a text message, or through a third party App like Duo or Google Authenticator. MFA can greatly enhance the security of your accounts, and provide you with warnings if unauthorized users are attempting to access those accounts.
A password manager is like a database or digital notebook to store all of your passwords. This allows you to create complex passwords unique to each site you visit without relying on your memory. In some cases the manager may even automatically generate extremely complex passwords for you. Managers plug in to your browser, and once opened with a strong master password, will automatically enter your unique passwords on the sites you visit.