Ashley Madison data crack yields 11.7 million passwords

Posted on Monday, Sep 14 2015 @ 12:39 CEST by Thomas De Maesschalck
The Ashley Madison saga continues. Earlier this month journalists unearthed curious data about the site's female userbase (or lack thereof) and now news reaches us that the CynoSure Prime team has managed to crack the password of around 11.7 million of the site's 36 million users.

Of the 11,716,208 passwords cracked , there were a total of 4,867,246 unique passwords and a shocking 630,000 used their username as their password. Keep in mind though that because the team was able to crack these passwords, this means that they were the weaker passwords. The average length of the passwords in this 11.7 million password subset had a length of 6 characters, with the longest being 28 characters long and the shortest being just 1 character.
Dan Goodin reporting at Ars Technica, completed some further analysis and detailed the top 10 passwords from the breach:

  • 23456
  • 12345
  • Password
  • 123456789
  • Qwerty
  • 12345678
  • abc123
  • pussy
  • 1234567

    Most of these passwords are not unusual in this type of breach, as we have seen them time and time again. We reported last year that ‘123456’ was the worst password for 2013, but only after overtaking ‘password’ after it topped the list in 2012.
  • And here's a look at some of the more interesting passwords:
    Those that are having doubts about using the site:

    Passwords from xkcd (

    Those who trusted AM:
    AM site

    Source: Neowin

    About the Author

    Thomas De Maesschalck

    Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

    Loading Comments