BORNAKK: We have been helping players deal with account theft for years now, and unfortunately, roughly a third of players make a very basic security mistake: using the same password for all of their security needs.
If you are serious about protecting your account and your personal security, your Battle.net password should be different from your email account password -- or other personal passwords for that matter!
No one wants account thieves rooting around in their personal email, address book, and contact lists. Too often we see thieves breaking in to this information because their target has used the same password across multiple types of accounts. Not only can this give thieves access to your account, it can lead to compromises far outside of Battle.net as well.
It’s immensely important that everyone use separate passwords for separate applications, including games. Secure passwords have both numeric and alphabetical values, and are usually at least 10 characters in length.
Now this is very sound advice and is something that I have been highlighting for quite some time. One third of hacks being a result of using the same password across multiple sites and applications, such as email and fan sites, is a fairly alarming statistic. This suggests that there are a lot of 3rd party systems out there that are being hacked to farm WoW user accounts and passwords.
Also note that WoW does not impose restrictions on password attempts so dictionary attacks are also a real possibility on your account. This is a great reason for selecting a strong, complex password.
Oddly enough, Bornakk does not mention the use of an authenticator. The Blizzard authenticator is a great security mechanism and something that every WoW gamer should possess.
You can read more on choosing secure passwords and dictionary attacks on your WoW account here.