An analysis of 10,000 Hotmail passwords obtained in a phishing attack reveals that the most common password is "123456," which is pretty much the first thing any decent hacker will try to guess. Your password probably sucks, too.

The maker of one password tool estimates it can crack 55 to 65 percent of passwords out there — and that's not even particularly impressive, says security writer Bruce Schneier in an in-depth look at picking a secure password. You won't read that, so here's a very short guide. Summary: Use a password manager, don't use words from the dictionary, don't use the same password on every site.

And try not to be the Hotmail user who picked the reasonably secure password "lafaroleratropezoooooooooooooo," only to then go and enter it into a stupid phishing website.

(Pic: by zakwitnij on Flickr)