Cyber security firm Trustwave says more than 2 million accounts for services such as Facebook, Google and Twitter have been compromised.
Although several of the companies have already contacted affected users, the most interesting bit of information from Trustwave are the most popular passwords snatched from these accounts: 123456, 123456789, 1234 and, yes, "password."
If you happen to use one of these passwords, it's time for a change. Here are some tips on creating a stronger password.
1. The more complicated, the better. Don't rely on basic words to secure your accounts. Use a mix of letters, numbers and symbols to make it tougher to guess. For example, use a zero instead of the letter "o." Don't be afraid to use a diverse combination of characters.
2. The longer, the better. Most sites set a minimum for password length (between 6-8 characters). Take it a step further and create an even longer password. Again, the goal here is making them difficult for someone to guess.
3. Consider phrases. Passwords don't have to be just one word. For example, "the quick brown fox jumped over the lazy dog" could become TqBFjOTld or tqBfJ0T1D.
4. Use multiple passwords. Try to mix up the types of passwords you use for different sites. Sure, it's easy to remember only one password, but it means if one account is breached, all of your accounts might be in trouble. Password manager services can lock them down with one master password, or you can always take the old-fashioned route of writing them down and keeping them in a safe place.
Another thing to consider is two-factor authentication, which ties to your smartphone. Sites including Facebook, Google and Twitter all offer this. When set up, if you log in to an account from another computer, the site sends a special code to your phone that you must type in to access your account. It's an extra layer of security in case someone does discover your password.