Topping the list of security shame are staff who use the word “password” as their password.
Second on the list compiled by the Scottish Business Crime Centre (SBCC) is the easily-crackable “123456”.
And not much better in the number three slot is the less-than-cunning “abc123”.
Other sloppy attempts to defeat computer hackers in the top 10 include “letmein”, “111111” and “iloveyou”.
The SBCC said there was a new entry at number 10 with the woeful password “welcome”.
The SBCC work with member businesses across Scotland to provide services relating to business security.
Gary Ritchie, Assistant Director, said: “If someone is using the same, basic password for all of their accounts and website log-ins then once a cyber criminal has got hold of that one password, they can hack into all accounts and cause great financial and personal damage.
“We want people to realise the importance of a strong password or pin and not to use dates of birth or phone numbers and other obvious information for all log-ins.”
The SBCC has now produced a number of top tips for internet users.
The recommendations include using at least eight characters in a combination of numbers and letters.
Users should also deliberately misspell words and use a combination of lower case letters, capitals and symbols.
For example a password such as “catlover” could become “c@LUVr!”
They also reminded workers of the danger of flaunting information such as birth dates on social media.
This is because questions which require these answers are often used in security questions when users have forgotten passwords.
Fraudsters can then use this information to access your account through the “forgot password” link.
“Creating a strong password takes minutes and keeping your information safe and away from hackers is well worth the effort,” said Mr Ritchie.
SBCC also advised that smartphones and tablets have the potential to provide hackers and criminals with a wealth of important private information.
Increasingly people are choosing to keep important information such as banking details stored on their mobile devices which could lead to fraud.
It is estimated that this year alone, £5b will be lost through cyber crime in Scotland.
A recent study conducted by Ofcom revealed that 55% of adult internet users admitted to using the same password for most, if not all, websites.
The Adult’s Media Use and Attitudes Report 2013 revealed that 25% confessed to using passwords such as birthdays or names which can open them up to the threat of account hacking.
Top ten rubbish passwords used by Scots workers
7. 111111 (up 3)
8. iloveyou (up 2)
9. trustno1 (down 3)
10. welcome (new on list)
Hovering just outside top 10: jesus, ninja, mustang, password1