Like many people, Lisa Hale is on password overload.

"I need a password for my banking online. I need a password for work. I need a password for my Blackberry, Yahoo blogs, my AOL email account. I have a password for my Outlook account at work," Hale said.

At Consumer Reports, 80 per cent of the IT department's work involves resetting expired or forgotten passwords. Dean Gallea, who oversees the computer testing, says using a weak password leaves you vulnerable to identify theft.

"A weak password contains information about you that's easy to find out: your name, address, birthday, or some variation of those things," he said.

And using one password for everything is a mistake. If ID thieves get the password to say, your Amazon account, you could have unintentionally given them access to your bank account.

For stronger e-security, three passwords are ideal … one for financial web sites, another for sites with your personal information, like Facebook, and a third for sites that have no confidential information, like blogging sites.

"Make it easier by starting with something you can remember, like a childhood friend's name, maybe spelled backwards. And then add some numbers or symbols to the beginning and end. That way, if you have to write it down, you can just write down the add-ons," Gallea said.

New technology can also help. There are devices that let you scan your fingerprint, for example, in order to log on to web sites.

And certain computers now use facial recognition software to let you log onto the computer.

If you must write down your passwords, you never want to put the list in your computer, where it can be easily stolen. Same goes for carrying it in your wallet or leaving your passwords next to your computer. Instead, hide the list where thieves won't have a clue to look -- like between the pages of a favorite book.

With a report from CTV British Columbia's Chris Olsen