Male Anchor: None of us ever wanna believe that any one could ever guess our computer password. But the sad truth all too often is you give an expert a few minutes and a few details from your life, and a few minutes later, they will be ordering a lot cabin off from Ebay using your credit card. Increasingly, your password can be the passkey to your whole world for all those who want in. Continuing our series of reports were calling swiped: identity theft in America. Here tonight is NBC's Rehfma Ellis.

Rehfma Ellis: Charle Cookston responded to what looks like a legitimate email from PayPal, an online payment service. They asked towards user name, his password. And he gave it to them, turned out it wasn't PayPal, it was a scam.

Charle Cookston: They got into the PayPal account. They got to charge card and checking account. And rallying them before the checking account.

Rehfma Ellis: And there was more.

Charle Cookston: I had all my account, insurance, vitamin, whatever I buy on the Internet had the same user name, and the same password.

Rehfma Ellis: Internet security experts say millions of Americans are vulnerable to identity theft like Cookston. Because they use only one password for multiple accounts. Hackers count on that pattern.

Bob Salivan: This absolutely is a threshold to identity theft.

Rehfma Ellis: Bob Salivan, an MSNBC. com Internet analyst says it's all too easy.

Rehfma Ellis: Are there places people can go on the computer to get information on how to get your password?

Bob Salivan: Sure, here, we just type 'password cracker' into Google, and you get back all sorts of result. Some are written by good guys, some are written by bad guys. Tons of sites devoted to figuring out what people's passwords are. So then you can break into their accounts.

Rehfma Ellis: They're always to protect yourself, including using longer passwords, and ones that combine numbers, letters and punctuation. Another effective approach, don't use your real name when you log on, make one up.

Bob Salivan: When you are logging onto newspaper sites, recipe sites, other sites that don't have any kind of credit components. Use a fake name, use a fake address, and save the really strong passwords. And your personal information for the site that's matter.

Rehfma Ellis: And if you think it can't happen to you, remember Charle Cookson. He is a computer programmer, and it happened to him.

Charle Cookson: I have uh...logged on through all my log on information. They all have a unique password.

Rehfma Ellis: More work, remembering more passwords, but more protection for you and your identity. Rehfma Ellis, NBC news, New York.