If your password is on the list below you had better change it.

Among the 25 most common passwords among 3.3 million that were leaked online last year, the top two were once again "123456" and "password," according to a company that provides password management software.

SplashData, based in Los Gatos, Calif., said the top two passwords this year were the same as in 2013. The company  has compiled the list annually since 2011.

New additions to the Top 25 for 2014 include: baseball, dragon, football, mustang, access, master, michael, superman, 696969 and batman.

Common passwords are much easier for cybercriminals to guess. That makes users vulnerable to having accounts such as email and online banking hijacked and their identities stolen.

Sensitive data such as passwords are often posted online by hackers who steal them during attacks on websites and corporate networks. This year, most of the passwords came from users in North America and Western Europe.

Based on its analysis, SplashData recommends that when crafting your password:

  • Don't use keyboard patterns e.g. "qwertyuiop" from the top row of letters
  • Don't use a favourite sport – baseball and football were both in the Top 10, with hockey, soccer and golf in the Top 100.
  • Don't use your birthday or birth year. People in their early 20s seemed to be especially guilty of this, with the years 1989 to 1992 all in the top 100.
  • Don't use common names – michael, jennifer, thomas, jordan, hunter, michelle, charlie, andrew and daniel were all in the Top 50.

Here's the entire list:

  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. qwerty
  6. 1234567890
  7. 1234 
  8. baseball
  9. dragon 
  10. football
  11. 1234567 
  12. monkey 
  13. letmein 
  14. abc123 
  15. 111111 
  16. mustang
  17. access 
  18. shadow
  19. master 
  20. michael
  21. superman 
  22. 696969 
  23. 123123 
  24. batman 
  25. trustno1