Struggling to remember passwords for everything from online banking to internet shopping is a curse of the modern world.

So surely, many of us could be forgiven for picking something obvious, such as 'password'.

But those who try to make life easy for themselves are also making it easy for online fraudsters, researchers warn.

The most popular passwords uncovered in a leaked Yahoo database were still, in our internet-savvy age, '123456' and 'password'.


With 'qwerty' and 'abc123' also among the top ten, an expert at Lancaster University said choosing such simple phrases makes it a breeze for hackers to get into our accounts.

Dr Jeff Yan, co-author of a paper on password guessing, said: "Why do [some] use such obvious passwords? A main reason I think is that they're either unaware of or don't understand the risks of online security."

He added: "Just like everybody knows what one should do when red lights are on in the road, eventually everybody will know 123456 or the like is not a good password choice." The top passwords in the Yahoo data - featuring obsolete accounts from a 2012 voice calling service - also included welcome, sunshine and, slightly less obviously, ninja. Many more used simple combinations of their name, age or birthday.

The researchers from Lancaster, as well as Peking and Fujian Normal universities in China, created algorithms to guess passwords based on attackers having access to different personal information. They guessed passwords for more than 73 per cent of ordinary users' accounts. Even for those who were more security-savvy, a third of passwords were cracked in 100 guesses.