A recent security breach at phpbb.com resulted in an intruder obtaining and publishing thousands of member names and passwords. A design flaw, a.k.a. bug, in a mailing list application was responsible. An analysis of the passwords revealed some interesting facts about the types of passwords people use when creating accounts at web sites. The most popular ones were “123456” and “password”. A similar pattern was found in passwords exposed by a fake MySpace site in 2006. While intrusions at non-critical sites like these aren’t likely to ruin your life it’s a lot more serious if they manage to get access to your account at your bank or credit union web site. Lets look at the types of password problems I’ve seen and what you can do make yours safer without a lot of hassle.