Not really though. Once the password has been leaked, it needs to be cracked. And that usually doesn’t happen when the password is strong enough.

Except the password wasn’t hashed but then the company belongs to get sued to bankruptcy

The only good passwords are those you don’t know yourself because they are randomly generated and all stored in your password manager of choice.

Same mail at a shady provider

I came up with a formula for my passwords - as easy to remember as a single password and makes a unique login for every site feasible without a password manager. Can be updated as often as you like and all you gotta do is remember the latest version of the formula. At the very least, the hashes will be different and it’d take someone having more than two of my passwords to figure out the pattern.

I also use over 100 email aliases with my own domain name so that my most important accounts have a separate login that isn’t a common domain that wouldn’t be easy for someone to guess.

It would take a lot of concentrated effort for someone to get at any of my important accounts, and even my less important ones would be pretty difficult to get into even if multiple accounts are compromised, due to using a smaller pool of aliases under common domains for less important accounts.

Someone got into half a dozen of my accounts a few years ago and I finally started taking security seriously.