According to Kaspersky, one in seven people are not sufficiently security savvy, using just one password for all of their online accounts.
The Russian-based security firm said such users risk having several accounts simultaneously compromised in the event of a data leak; however, for users with a bit more password vigilance that have a few passwords for a larger number of accounts, the level of risk is not much lower.
"Unfortunately, many people don't have a very good understanding of the scale of internet threats and are not serious enough about protecting their personal data online, significantly increasing the risk of losing it," David Emm, principal security researcher at Kaspersky Lab, said.
"A strong password that differs for each account is an important basic element of protecting your digital identity. You can think of and apply a single algorithm to create passwords which are not easily cracked but which you can easily remember."
Kaspersky said 12 percent of people do not create difficult passwords containing any combination of upper-case letters, lower-case letters, numbers, or symbols and that one person in 10 uses a password that is less than eight characters long.
In one of the studies the firm carried out this year, Kaspersky said it found that 57 percent of respondents admitted they kept their passwords on a piece of paper, on their phones, in text files on their computers, or saved in an internet browser when it offers to save login and password information. Kaspersky believes agreeing to a browser storing information plays directly into the hands of cyber criminals.
In October, Kaspersky's The compared perceptions of passwords and underwear report [PDF] found that many users are careless as they believe they do not have confidential information stored on their computers, with 73 percent of surveyed users saying they would rather reveal their passwords than go without underwear.
The report found that 66 percent of respondents in the United Kingdom actually felt more exposed leaving their house without underwear than they would knowing some of their personal information such as account details was accessible without a password.
Last month, the Norton Cybersecurity Insights Report from Symantec said Australians are losing more than AU$1.2 billion to online crime, with 3.7 million people in the country impacted by online crime in the last year.
As a result, the report found Australians spend an average of 14 hours and AU$325 per person dealing with the impact of being a victim.
According to the report, 90 percent of Australians worried they would be affected by online crime and 66 percent believed it was more likely their credit card information would be stolen online than from their wallets.
Despite such concerns, Mark Gorrie, director of Norton by Symantec Pacific region, said consumers were overconfident in their online security behaviours.
"When you actually look at the details behind that in terms of what they're doing with their password, less than half are always using a secure password," Gorrie said.
"We saw 27 percent indicated they had shared their banking password, and one in three weren't protecting the devices they're using with a password."