According to an Information Week survey of 4500 computer security professionals, 22% of security breaches were done with “guessed passwords.” This means that the number one thing you can do to improve your security is to use passwords that can not be guessed. For starters, never use any word that appears in your account data, and never use a word that appears in a dictionary. For more password do’s and dont’s, read George Shaffer’s Password Basics).