Computer users are still using passwords that are too easy to crack because they have too many to remember.

A survey of 500 people at Victoria Station by security testing company NTA Monitor found that nearly half of all questioned wrote down their passwords and 84 per cent picked passwords because they were easy for them to remember - rather than difficult for someone else to crack.

"This is very worrying," said Kevin Foster, strategy manager for NTA Monitor. "Users are effectively leaving the key in the front door. Crackers work through thousands of combinations of passwords per minute and if you choose a common word you aren't secure at all."

The survey also found that over two thirds of those questioned never changed their passwords. The average computer user had to remember 21 passwords - although, for heavy users, this total rose to 70.

Matthew West, technical support manager for Norman Security Defence Systems, said: "If you must use dictionary words use them in combination. Ideally, substitute upper and lower case letters and add in numbers to make it seriously difficult to crack."

A 'proper' password, using a combination of upper and lower case letters and a full range of numbers, gives 62 options per character, and so provides more than 56 billion possible combinations for a six-digit password.

Most security companies recommend using at least an eight-digit password.