What password do you use for your Facebook or PayPal e-mail account: your birthday? "1234567"? "abc123"? your favorite sport? Better change your passwords before hackers break into your bank account information or read your private e-mail messages.

Password management application provider SplashData has compiled a list of worst Internet passwords, and said that the easiest target for hackers is "Password."

"Hackers can easily break into many accounts just by repeatedly trying common passwords. Even though people are encouraged to select secure, strong passwords, many people continue to choose weak, easy-to-guess ones, placing themselves at risk from fraud and identity theft," SplashData CEO Morgan Slain said in an interview posted on tech site Mashable.

SplashData, which sells security services and password software, made the annual list of worst Internet passwords based on millions of stolen passwords posted online by hackers.

The top 25 worst passwords on SplashData's list are:

1. password

2. 123456

3. 12345678

4. qwerty

5. abc123

6. monkey

7. 1234567

8. letmein

9. trustno1

10. dragon

11. baseball

12. 111111

13. iloveyou

14. master

15. sunshine

16. ashley

17. bailey

18. passw0rd

19. shadow

20. 123123

21. 654321

22. superman

23. qazwsx

24. michael

25. football

To recall, months ago, hacking group Lulz Security posted e-mail addresses and passwords it obtained from victims of its high profile attack. LulzSec gained notoriety for its attacks on Sony Corp., the CIA, an FBI affiliate, the U.S. Senate, and the Arizona Department of Public Safety, among many others. In May, a large U.S. bank, Citibank, acknowledged more than 360,000 credit- card accounts, or 1.5 percent of credit card holders, in North America may have been compromised by hackers.

Mashable said SplashData has provided some tips for choosing secure passwords in a statement:

* Vary different types of characters in passwords, and include numbers, letters and special characters.

* Opt for passwords eight characters or longer, and separate short words with spaces or underscores.

* Avoid using the same password and username combination for multiple websites and services.