25 worst passwords of 2011 revealed

The most common passwords of 2011 obviously ones you should avoid usingrange from the simple"password" and "123456," to"football" and "michael,"data posted by hackers reveals.

"Hackers can easily break into many accounts just by repeatedly trying common passwords," said Morgan Slain, CEO of SplashData, Inc., the computer security firmthat compiled the list, in a statementMonday.

"If you have a password that is short or common or a word in the dictionary, it's like leaving your door open for identity thieves."

He advised anyone using any of the passwords on the list to change their passwords immediately.

SplashData said it compiled the list from files containing stolen passwords posted online by hackers.

Many on the list are sequences of numbers between 1 and 6 in order, either forward or backward. Sequences of letters on the keyboard in order, such as "qwerty" and "qazwsx" were also common, as were some first names, sports and animals.

The complete Top 25 are:

• password
• 123456
• 12345678
• qwerty
• abc123
• monkey
• 1234567
• letmein

  Tips for strong passwords

  • Make them eight characters or more, with a mix of characters, e.g., letters, numbers, symbols.
  • One way to create longer, easy-to-remember passwords is to separate short words with spaces or other characters, e.g., "eat cake at 8!"
  • Don't use the same username/password combination for multiple websites.
  • Use a password manager if you have trouble remembering your passwords. SplashData makes one called SplashID Safe.

  Source: SplashData Inc.

• trustno1
• dragon
• baseball
• 111111
• iloveyou
• master
• sunshine
• ashley
• bailey
• passw0rd
• shadow
• 123123
• 654321
• superman
• qazwsx
• michael
• football

In the past year, hacker collectives such as Lulz Security, also known as LulzSec,have taken responsibility for cyberattacks on websites such as Sony and Nintendo, and have posted stolen data such as usernames and passwords online that they claimed were from those sites and others, includingFacebook and PayPal.

In June, an Australian IT security consultant launched a website called "ShouldIChangeMyPassword.com" that lets peoplecheck if their usernames and passwordsare among the 800,000 in the database he compiled of stolen passwords available on the web.