Macworld:

The biggest risk when setting a password is when you re-use a password across sites and services. If you do this, you’re multiplying the risk of a breach at one of those services, allowing a cracker to try your account name and password from the breached service at other sites. If any match, they’ve now hijacked your account there, too.

A unique password at every site is the goal. And Apple added an alert in iOS 12 and macOS 10.14 Mojave that will help you towards that.

While this isn’t an issue for me – I use 1Password to create unique passwords for every login – I really appreciate it for my wife. It drives the point home to her how often she uses the same password on multiple sites.