Use a similar password for everything?

Posted by Norman on Apr 20, 2012 9:34:00 AM
If you do, then it doesn’t really matter how strong you make your password.

If you use the same or similar passwords across multiple sites, the main threat to your security is not an attack on the strength of your password; it is your reliance on the honesty of web hosts and their employees.

What can happen

All it takes is one unscrupulous website owner or employee of your email hosting service to note down your password, and then your whole online presence across multiple sites could be compromised.

The PlayStation 3 hack is perhaps the perfect illustration of just how damaging using the same password can be. Many gamers signed up to the PSN using their webmail account, and when asked to choose a PSN password, they chose the same one that they had used for their webmail. Once the PSN was hacked, the bad guys not only had access to their PSN account, but they had access to their email account too – they had the ‘keys to the castle’. Password reminders were sent out to Facebook, Twitter, YouTube and a whole host of other accounts, taking over some gamers’ complete online identity.

What you can do

To improve your online security today, make your email passwords unique to that service, and never use them as your password for other sites. Strong passwords are always important, but all too often people fall into the trap of using the same strong password for everything, and end up relying on the integrity of strangers rather than being in control of their own online security.

