Nearly four in five web users admit to using personal information and phrases in passwords. 26 percent of web users reuse the same passwords email, online banking or social networking accounts. 8 percent copy passwords from online lists of ‘good’ passwords, according to security firm Check Point. The security firm urged web users to use passwords that are at least eight to ten characters long, are a mixture of letters and number and do not contain any personal information such as family names, addresses, birth dates or phone numbers.”]
Source: https://www.csoonline.com/article/2126506/79-percent-of-users-put-personal-info-in-passwords.html