The latest report on our password usage in 2014 is public and it doesn’t look good. Based on an analysis of millions of leaked passwords, it shows “123456” and “password” as the two most common passwords. That is unchanged from 2013.

When you use weak passwords, you are exchanging security for convenience, which is not a good protocol, especially in today’s active hacking environment. It is evident from this list of the worst passwords of 2014, that people have not changed their bad password habits. Here are three tips for better protection:

1. Use strong passwords that are a minimum of eight characters in length and contain upper and lower case and special characters.

2. Use a password vault or manager to help you store and access strong passwords. They are plenty of free and paid options for your computer and your smartphone.

3. If you do store your passwords in a Word file or Excel spreadsheet, as my audience members often tell me they do, do yourself a big favor and encrypt and password protect the file. And don’t be like Sony and name the file “Passwords”.

An extra tip: Don’t use any of the “Worst Passwords of 2014”.