The thing to note here is they are suggesting long passwords that are easier to remember, emphasis on long. Both length and complexity increase security. Also keep in mind that if you are using passwords that are familiar to you, they are also familiar to people who know you; undoubtedly when the X gets into your email account it's because they guessed the password.
While on the topic, it's important to use different passwords for important sites like banks. For that reason alone you might as well use a password manager like KeePass and utilize complex passwords.
Using a common password on sites like this one and other forums, for example, is not much of a risk unless you have personal data in PMs, for example. Where the risk lies is that this site is not a bank and does not have an army of software engineers securing that data.
- If the user table in the database is obtained, one would have a list of associated usernames, emails and encrypted passwords. They will brute force the passwords, starting with a dictionary attack.
- If they are able to alter files on the server they could literally script it to send them whatever info they want about the login.
- This site does not use HTTPS; your login could be compromised if it's intercepted by a third party. Someone that has control of a public Wi-Fi router, for example.
If they obtain the password, it's off to your email account to try the password there, perhaps eBay, PayPal, your bank or whatever. Any site you use like that should have a unique and strong password.
If you do not want to go through the trouble of managing passwords, come up with a formula for creating them. For example, suppose an easy-to-remember number for you is 4196:
4c1i9t6y1
The letters mixed in are the first four letters of the domain city-data.com... This is a simple example and should be longer.
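
The interleaving formula from the post above, written out as an added example (not part of the original post) together with a check of how much of the result stays the same from site to site. The function names and the second domain, example.com, are hypothetical, and the code reproduces only the interleaved part of the sample, `4c1i9t6y`.

```python
def site_letters(domain: str, count: int) -> str:
    """Return the first `count` letters of a domain name, e.g. 'city' for city-data.com.

    Assumption: a leading 'www.' is ignored and non-letters such as '-' are skipped.
    """
    host = domain.lower()
    if host.startswith("www."):
        host = host[4:]
    letters = [ch for ch in host.split(".")[0] if ch.isalpha()]
    if len(letters) < count:
        raise ValueError(f"{domain!r} has fewer than {count} letters to mix in")
    return "".join(letters[:count])


def formula_password(secret_digits: str, domain: str) -> str:
    """Interleave the memorised digits with the domain letters: digit, letter, digit, ..."""
    letters = site_letters(domain, len(secret_digits))
    return "".join(digit + letter for digit, letter in zip(secret_digits, letters))


def fixed_part(pw_a: str, pw_b: str) -> str:
    """Show which positions are identical in two generated passwords ('_' = differs)."""
    return "".join(a if a == b else "_" for a, b in zip(pw_a, pw_b))


def site_specific_ratio(secret_digits: str, domain_a: str, domain_b: str) -> float:
    """Fraction of positions that actually change between two sites."""
    pw_a = formula_password(secret_digits, domain_a)
    pw_b = formula_password(secret_digits, domain_b)
    differing = sum(1 for a, b in zip(pw_a, pw_b) if a != b)
    return differing / len(pw_a)


if __name__ == "__main__":
    forum = formula_password("4196", "city-data.com")
    other = formula_password("4196", "example.com")  # constructed second site
    print(forum, other)                # the two per-site passwords
    print(fixed_part(forum, other))    # positions shared by both
    print(site_specific_ratio("4196", "city-data.com", "example.com"))
```

With a four-digit number only half of each password differs between sites, and that half is the public domain name, which is why the memorised part needs to be longer than in the sample.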