Which is why I have a plug-in for my browser called “Don’t fuck with paste”.
Most security experts are going to recommend writing them down in a secure password manager. Even if you’re going to use a notebook, that is still far more secure than reusing the same password on multiple sites.
This is what I wrote previously about security questions.