The Facebook logo is shown at Facebook headquarters in Palo Alto
Facebook is reportedly finalizing a settlement with federal regulators over changes to its privacy policies enacted two years ago.

Facebook users were warned Tuesday that they risk identity fraud by posting personal information on their profiles.

CPP, an international marketing services business, conducted the study by interviewing more than 2,000 adults. The results were worrisome.

The most commonly used passwords - consisting of hobbies, football teams and children's names - can be found on most users' Facebook profiles, the study showed.

If the password can't be deciphered, the secret questions usually can, with 64 percent of users showing their first school, 25 percent showing their date of birth and 17 percent showing their favourite football team - all standard security questions.

CPP warned users not to accept people onto their network without first knowing them; the study indicates that 52 percent of users do so regularly.

Danny Harrison, CPP's identity fraud specialist, said: "It

For this reason, we are advising people to not use personal information as a means to verify their online identity and facilitate access to their online accounts."

The research also discovered the 10 most common types of passwords.

  1. Interests
  2. Hobby
  3. Favourite football team
  4. Favourite football player
  5. Children's names
  6. First school
  7. Pet's name
  8. Dates of Birth
  9. The user's name
  10. Maiden name

They also suggested some top tips for regular social media users.

  • Set a unique password for every Web site: Always create a different password for each site you use
  • Personal information: Ensure that you are not posting any personal information on Facebook that can be used against you, for example date of birth, mother's maiden name or your e-mail address.
  • Enforce two-factor authentications: A number of Web-based applications and social networking sites now provide users with the ability remove the need for static passwords and allow them to enable two-factor authentication - removing the risks of your password being compromised.
  • Privacy settings on your social network profiles: Review the privacy settings on your social networks to ensure they meet your expectations. Social networks in general initially set privacy settings to defaults that allow anyone to view your information.
  • Don't use personal information to verify your online identity: If possible utilise other information or codes to construct a password, and consider using false information when asked to create a security question and answer.