Generic logins such as Password123 and Abcd1234 are being used by Western Australian government officials, leaving systems vulnerable to hacking.

An audit of WA government agencies found Password123 was the most commonly used weak password, used by 1,464 employees.

The audit found about 26 percent of accounts across a number of government agencies had weak or commonly used passwords, increasing the risk of successful cyber-attacks.

A test completed by the audit proved this, with the team accessing a WA agency’s web system – which was publicly available through the internet – gaining full access by guessing the password correctly – Sumer123.

Western Australia's government agencies have been using weak passwords on many accounts. (AAP)

Across the WA government agencies, 20 weak passwords were used in 6,546 accounts, with Password123 used by 1,464, followed by Project10 which was used by 994 accounts.

Other popular passwords included support, password1, password, abcd1234, October2017, Logitech1 and Spring17.

“Many of these passwords comply with industry standards for password complexity and a length of at least 8 characters. This indicates that merely applying these parameters is insufficient to guard against inappropriate access to networks and systems,” the audit report stated.

The report has recommended the WA Department of the Premier and Cabinet should “provide guidance to agencies” on better ways to manage accounts and access including password management.

It has also suggested blacklisting “the use of common weak passwords”.

The top 20 weak passwords: