Turns out "Password1" wasn't the best call to protect your online banking account.
According to a study conducted by the security services firm Trustwave, most cyber criminals aren't subverting our online security measures with advanced hacking techniques and encryption shattering computer Kung-Fu. Most of these criminals are making off with our sensitive data using the more mundane strategy of guessing your password.
The security report suggested that we are partially at fault here for making cyber criminals' jobs that much easier with our lack of creativity; the report found that the most common password used to protect business systems is, predictably, "Password1."
Password1's meteoric rise to popularity has a functional explanation: it contains a number, an upper-case letter and nine characters, thus satisfying the requirements of many popular encryption systems.
According to Trustwave, about 5% of all passwords include some variant of the word "password." The word "welcome" accounts for another 1%. With that kind of predictability, hackers don't even have to be that lucky to get access to our protected data. Just by trying every variation of "password" and "welcome," a cyber criminal has over a 6% chance of cracking your code.
Verizon verified Trustwave's results in their 2012 Data Breach Investigations Report, considered the tech industry's most comprehensive annual security study. Though the full report has yet to be released, the preview leaked by Verizon shows that weak passwords were a factor in almost 30% of all online crime.
So go ahead and change your password. Just don't change it to "Password2".