Almost 16 million use same password for almost every website, a new study has found.
According to life assistance company CPP, such an action could lead to money being stolen from bank accounts, fraudulent purchases via online shops or identity theft.
In the study, which said that an average internet user is asked for a password by 23 websites a month, experts found that 46 per cent of British internet users (15.6 million) have the same password for most web-based accounts and five per cent (1.7 million) use the same password for every single website, reports The Telegraph.
Sarah Blaney, identity theft expert at CPP, said: "No sensible person would use the same key for their house, car and garage.
"In the same way, we shouldn't use the one password for everything.
"If possible people should use multiple passwords with a combination of letters and numbers, which should be difficult to crack."
Former computer hacker Robert Schifreen said: "An online fraudster who manages to find your single password will have the keys to your entire online life. They can then do everything to your accounts that you can.
"Varying one word by putting a digit on the end is too easy for a hacker. Also, if they see your password is January, they will try February, March etc. for other websites.
"It can be very difficult remembering so many passwords these days but it is vital.
"I keep one word processing document that lists all my usernames and passwords and protect this with a very strong password. I then only have to remember one.
"Make sure your antivirus software is up to date, trust nobody online and only type your confidential information into a website if you know it is secure."