If you've tried to log in to Facebook in the past couple of days and been told you have to reset your password, it's probably because your login details were compromised by data thieves.
A trove of 1,580,000 website login details and 320,000 email accounts have been posted online, with Facebook, Yahoo, Google and Twitter the top targeted sites.
Facebook had the most accounts compromised, with 57% of the stolen passwords linked to the social network, which has since put any affected users through the forced reset process.
Although even the team that found the password pile, Trustwave, isn't completely sure how the data was stolen, it suspects that key-logging malware is to blame.
All change please
As ever, the best idea is to reset your passwords and use different ones for each site you log in to online.
And steer clear of these ten rubbish passwords, which Trustwave says are the ten most frequently used in this latest batch of stolen data:
Come on guys, would a little imagination kill you?
- We've featured the best password managers.