Online passwords are so insecure that one per cent can be cracked within 10 guesses, according to the largest ever sample analysis.

In a recent research by Gates Cambridge scholar Joseph Bonneau, he was given access to 70 million anonymous passwords through Yahoo! ? the biggest sample to date ? and, using statistical guessing metrics, trawled them for information, including demographic information and site usage characteristics.
Result: for all demographic groups password security was low, even where people had to register to pay by a debit or credit card.

For the full story read this.