NEW YORK (CBSNewYork) — We all know that feeling of frustration when you go to sign into a bank or online store and can’t remember what password you used.

Many people try to solve this problem by picking passwords they can remember easily. Unfortunately, those passwords can also be guessed easily by hackers looking to drain your bank account or ring up fraudulent purchases.

In fact, this practice of using easy to guess passwords is so common that Time magazine culled a list of the Top 25 worst passwords for 2017, including:

• 123456
• Password
• QWERTY (the first six letters on a keyboard)

Hackers can guess these passwords and not only break into personal accounts, but also to break into company networks when employees use weak passwords.

Fortunately, there are tools and tricks you can use to avoid putting yourself at risk, CBS2’s cyber security expert Siobhan Gorman reports.

First, use long passwords-with at least 12 letters.

Second, avoid obvious substitutions-like changing out let letter O for ZERO. Hackers guess those all the time.

Third, avoid using the same password at least for sensitive accounts like banking.

To track all these passwords, you may want to use a password manager. Popular ones include Norton’s Identity Safe Password Generator and LastPass.

It may take a little extra time to set up a strong password system, but you can avoid a lot of frustration and risk of cyber break-ins later on.