The card insurance company CPP said 46% of all UK adults now use the same password to login to their banking, shopping and social networking sites, with a further 54% confessing to using variations of the same password.
Perhaps worse, the research noted that many people admit to using use easy-to-guess passwords - such as memorable dates, the names of their children or pets - and then share them with partners, friends and colleagues.
And with the average person visiting 23 different websites each month that require a login, they are, said CPP, an easy target for fraudsters.
The survey of 1661 UK adults found that almost 40% admit that at least one other person knows their passwords, ranging from children, colleagues and friends.
And, said the report, many are in danger of their `exes' coming back to haunt them over half a million confess their former partner has access to their personal login and passwords.
39% of respondents think these people may have logged in using their passwords and usernames.
The report says that the threat of fraud is real: one in 10 people have had their web accounts accessed by fraudsters, with 57% of these attacks happening in the last year.
As a result, one in 20 reported that they'd had their identity stolen online.
Out of the victims, 18% had goods or services illegally bought in their name, and one in eight had money stolen the average sum being over £1000.
Sarah Blaney, an identity theft expert with CPP, said that no sensible person would use the same key for their house, car and garage.
"In the same way, we shouldn't use the one password for everything. If possible people should use multiple passwords with a combination of letters and numbers, which should be difficult to crack," she said.