Of the 11,716,208 passwords cracked , there were a total of 4,867,246 unique passwords and a shocking 630,000 used their username as their password. Keep in mind though that because the team was able to crack these passwords, this means that they were the weaker passwords. The average length of the passwords in this 11.7 million password subset had a length of 6 characters, with the longest being 28 characters long and the shortest being just 1 character.
Dan Goodin reporting at Ars Technica, completed some further analysis and detailed the top 10 passwords from the breach:And here's a look at some of the more interesting passwords:
23456 12345 Password DEFAULT 123456789 Qwerty 12345678 abc123 pussy 1234567
Most of these passwords are not unusual in this type of breach, as we have seen them time and time again. We reported last year that ‘123456’ was the worst password for 2013, but only after overtaking ‘password’ after it topped the list in 2012.
Those that are having doubts about using the site:
ishouldnotbedoingthis
ithinkilovemywife
thisiswrong
whatthehellamidoing
whyareyoudoingthis
cheatersneverprosper
donteventhinkaboutit
isthisreallyhappening
Passwords from xkcd (https://xkcd.com/936/):
batteryhorsestaple
correcthorsebatterystaple
Those who trusted AM:
youwillneverfindout
youwillnevergetthis
secretissafewithme
Source: Neowin