When it comes to creating passwords, the business world seems to be lacking in the creativity department.

The number one computer password employed by business users is, wait for it … “Password1.” And that’s just one of many cringeworthy passwords cited by security services firm, Trustwave in its recently released Global Security Report for 2012.

Based on nearly two million network vulnerability scans and 300 recent security breach investigations, the firm found that variations of the word “password” made up about five percent of passwords and 1.3 percent used “welcome” in some form.

Security experts say the number one way hackers gain access to protected systems isn’t through sophisticated coding and fancy technical equipment. It’s by guessing the password. And that’s not hard to do when your password is, well, ‘password.’

Easily guessable or even completely blank passwords were the most common vulnerability found in Trustwave’s security testing. The firm used widely-available password-cracking tools on 2.5 million passwords and successfully broke more than 2.1 million of them.

Other common keywords included using baby names, seasons, names of US states and months of the year.

So, if your password is something guessable, what’s the best way to make it more secure? Make it longer. Security experts say it’s time to stop looking at passwords as words and more as phrases. Something like ‘ThisIsMyPasswordNoReallyItIs’ is far more difficult to guess than ‘Password1’ or ‘Spring12.’