Apple (Nasdaq: AAPL) has been dodging rotten fruit all through the long holiday weekend after several sources broke some uncomfortable news: the sales rankings of applications in the App Store may not be totally kosher, and your account may not be completely safe. Some App Store users report being ripped off for hundreds of dollars to buy items they can't even use. You might want to check your iTunes and App Store account activity and change some passwords if you're of the paranoid ilk.

Large-scale hacking attacks -- big enough to almost push the Twilight saga clean off the top 40 best-selling book apps list -- are never a laughing matter, but we don't know yet whether the culprit was a server break-in or simply a bunch of easily guessed passwords. My money is on the latter, though. It's drop-dead easy for a determined cracker to whip up a brute-force guessing attack on some commonly chosen but easily guessed password patterns.

My own Gmail account was accessed from Croatia a few months ago and started spewing out spam under my name; Google (Nasdaq: GOOG) makes it easy to kick the interloper out and restore order in the fort, and also forced me to choose a much more secure password than before. Apple's password requirements are a bit looser than Google's, but not by much. My old, easily guessed Google password would still pass muster under Apple's current requirements but not under Google's. The new one exceeds all reasonable security standards, but it's also hard to type on a smartphone touchscreen. You just can't win.

In this day and age of increasingly ubiquitous network access, data storage in the cloud, and everything-as-a-service, it would behoove the big names in Cyberspace to ask a bit more of their users. From Google to Apple to Facebook and Twitter, everybody asks for a password but none of them force you to make it particularly good. They all hint at ways to improve your security, but there is no enforcement. Passwords are generally not a very good solution to the problem of computer security, but it's the de facto standard.

Drawing a squiggle on the screen is arguably more secure, but only works on touchscreen gadgets. Fingerprints and retina scans are perhaps too personal. I think it's time for Symantec (Nasdaq: SYMC), VeriSign (Nasdaq: VRSN), McAfee (NYSE: MFE), and EMC's (NYSE: EMC) RSA Security to sit down in one room with the giants of e-business and hammer out a better standard. Don't leave that room until we have a secure authentication system that works anywhere, is so easy to handle that you don't write your personal key on Post-It notes, and serves ice cream sundaes when you get your login right. Is that too much to ask?

Apple probably wishes for a better practice right now, but there wasn't one available last time I checked. Or did I miss the silver bullet flying by? Please correct me in the comments below and then let your favorite online business in on the secret, too.