This topic comes up quite a fair bit some some clients. They do not realise the risk of having simple passwords until it’s too late.
It also means people can be looking at your data without even knowing.
We recommend passwords at a minimim to be 6 characters (however we recommend 8) , and also to have upper, lower, alphanumber and special characters in the password.
The password %^@gtgTT is easier to crack than aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
The reason is only because of length not complexity.
Here is some examples of weak passwords used in 2015.