Ashley Madison data crack yields 11.7 million passwords

The Ashley Madison saga continues. Earlier this month journalists unearthed curious data about the site's female userbase (or lack thereof) and now news reaches us that the CynoSure Prime team has managed to crack the password of around 11.7 million of the site's 36 million users.

Of the 11,716,208 passwords cracked , there were a total of 4,867,246 unique passwords and a shocking 630,000 used their username as their password. Keep in mind though that because the team was able to crack these passwords, this means that they were the weaker passwords. The average length of the passwords in this 11.7 million password subset had a length of 6 characters, with the longest being 28 characters long and the shortest being just 1 character.

Dan Goodin reporting at Ars Technica, completed some further analysis and detailed the top 10 passwords from the breach:

23456

12345

Password

DEFAULT

123456789

Qwerty

12345678

abc123

pussy

1234567

Most of these passwords are not unusual in this type of breach, as we have seen them time and time again. We reported last year that ‘123456’ was the worst password for 2013, but only after overtaking ‘password’ after it topped the list in 2012.

And here's a look at some of the more interesting passwords:

Those that are having doubts about using the site:
ishouldnotbedoingthis
ithinkilovemywife
thisiswrong
whatthehellamidoing
whyareyoudoingthis
cheatersneverprosper
donteventhinkaboutit
isthisreallyhappening

Passwords from xkcd (https://xkcd.com/936/):
batteryhorsestaple
correcthorsebatterystaple

Those who trusted AM:
youwillneverfindout
youwillnevergetthis
secretissafewithme

Source: Neowin