For your account passwords or personal identification numbers, easy-to-recall codes are way too easy for others to guess.
Yet the most popular passwords are "123456" and, yes, "password," reports app developer SplashData.
One in 10 four-digit PINs is "1234," according to consulting firm Data Genetics. Says president Nick Berry, "It's staggering, people's lack of imagination."
Keys to tighter security
Go big and random: Longer passwords are harder to hack.
Avoid actual words, years, and calendar dates; instead, devise memorable nonsense from abbreviated sentences. "The best TV show was Sanford and Son," for example, becomes "TbTVswS&S."
Store codes in the free, multi-device app Dashlane.
Don't repeat: Never reuse a password for sensitive accounts such as banks, email, or social media.
You can, however, recycle a password for sites that don't store your personal info, such as Internet radio stations or online publications.
Tell lies: To keep people from guessing your password-reset questions -- that's how Scarlett Johansson's e-mail got hacked -- go crazy.
"Tell them your mother's maiden name is Superman," says Adam Levin, chairman of IDentity Theft 911. But now that he's said that, pick another name.