Whether you use GoDaddy just as domain registrar, or also for web hosting, protecting access to your account is crucial: someone getting ahold of your account could literally hijack your website! GoDaddy offers a standard password, used to login to your account from a web browser. The second one is a PIN number, used to confirm your identity if you call tech support.
First, go login to your GoDaddy account: click on the Sign In link in the top right corner of the page, enter your username (your customer number, by default), and your current, case-sensitive password: uppercase and lowercase letters are considered different as characters. Now click on the Sign In button. Tip: you can also change GoDaddy login (instead of your customer number!)
Once logged in, you should be automatically redirected to your account summary page. Otherwise, click on your first name, visible in the top right corner (where the Sign In link was before). Click on the Visit My Account button in the dropdown. Now select the Settings tab in the middle.
Select the Account Security Settings sub-tab on the left, and enter your Current password: this prevents anyone from changing your password if you left your computer unattended, while logged into GoDaddy! Now type the New password you'd like to use. GoDaddy passwords must be at least nine-characters long, and contain at least one of each of these: a lowercase letter, an uppercase letter, and a number (makes your password harder to guess!)
Unlike many online accounts, GoDaddy allows your password to contain spaces (but a space can't be the first or last character). So, you can type a sentence as password! Remember that capitalization matters. Finally, retype it in the Confirm new password text box, to avoid typos. Once done, add a password hint. Optionally change your call-in PIN number (see explanations in the bonus step), and click on the green Save Changes button at the bottom.