"I believe in my book I even listed hundreds of passwords that contain the word 'dragon,'" says Burnett, whose Perfect Passwords came out in 2005. "The sites that have the most complicated password policies don't get leaked as often," says Lorrie Faith Cranor, a computer scientist at Carnegie Mellon University who has studied password creation in her lab for over eight years. People choose passwords like "dragon" for the same reason they use common names. Cranor's research has shown that people choose passwords like "dragon" for the same reason they use common names, like Michael and Jennifer, or beloved activities, like baseball. "Passwords, I was told, were supposed to make it hard for other people to get into your accounts, and dragons are big and scary and less common in real life than, like, bears," another "dragon" user said. Sometimes, though, the reason you choose "dragon" as your password is just because you're young, and dragons are, well, really cool.