It seems no one got the memo from last year: "123456" doesn't make a good password.

Despite pleading from security experts, many of us still use go-to, easy-to-recall passwords for most of our online accounts. Gemalto recently surveyed 9,000 consumers from around the globe, including in the UK and the US, and found that 70 per cent of respondents believe the responsibility for protecting and securing customer data lies with companies (where as only 30 percent thought it was up to themselves).

So, it's no surprise that Keeper Security's annual list of commonly used passwords still contains strings of characters and letters that even the most basic hackers could figure out and use against you. It combed through 10 million passwords that entered the public domain in 2016, thanks to data breaches, and found that almost 17 percent of users still use "123456" to protect their accounts -- the same password that topped 2015's list.

Passwords like "123456789", "qwerty", and "password" also made an appearance in the top 25 worst passwords found:

  1. 123456
  2. 123456789
  3. qwerty
  4. 12345678
  5. 111111
  6. 1234567890
  7. 1234567
  8. password
  9. 123123
  10. 987654321
  11. qwertyuiop
  12. mynoob
  13. 123321
  14. 666666
  15. 18atcskd2w
  16. 7777777
  17. 1q2w3e4r
  18. 654321
  19. 555555
  20. 3rjs1la7qe
  21. google
  22. 1q2w3e4r5t
  23. 123qwe
  24. zxcvbnm
  25. 1q2w3e

Amazingly, four of the top 10 most common passwords were six characters or shorter.

Microsoft offers several tips on how to choose safe passwords. It said that a good password should be eight or more characters long, not be your user name, real name, or company name, and, in fact, not contain a complete word at all. It should also be different to passwords used elsewhere and contain at least one each of the following: an upper-case letter, a lower-case letter, a number and a symbol (such as £ or $).