Was it hooked up to the internet?
They were but very limited access and in the end they removed our online access. There was one PC with good internet access, they occasionally changed the password on that. When I left I believe it was Password12
I use a random password generator for most websites stored on a password manager (local PC only), some websites I use 2FA. There are a couple of websites that I use passwords not written or recorded anywhere.
On some websites that I might only use once I use what I call one time passwords, random generated but not recorded. If I ever need to go back onto that site I'll have to reset and re-authenticate the password/account.
I also have multiple email addresses, some that are disposable only used for non critical websites and if one is compromised and starts getting lots of spam etc it can easily be deleted without major consequences.