Sophos is "urging" computer users to use different, and stronger passwords for online accounts and services.
The IT security firm advises people to take the time to "assess the strength of their passwords and ensure that they are choosing unique and multiple passwords for every different sensitive account in order to thwart hackers and protect their personal and corporate identities".
The advice follows a Sophos poll that showed that 33% used the same password for multiple sites "all the time", 48% varied between a "few different" passwords and just 19% never used the same password.
In addition, the company says that using "dictionary words" is not a good idea. Sophos warns that hackers can use electronic dictionaries that try every word until they find the right one.
This warning follows Twitter's advice earlier this week that advised users of the micro-blogging service to strengthen their passwords after around 750 accounts were "broken into".