
@ignis-sec
Created June 21, 2020 08:19
Top 100 most common passwords from old public db leaks.
Password | Occurrence
_____________|____________
123456 |5377325
123456789 |1962160
password |1190534
qwerty |869629
12345678 |703220
12345 |679886
123123 |460430
1234 |448199
111111 |447730
1234567890 |397339
1234567 |391053
abc123 |294486
1q2w3e4r5t |275945
q1w2e3r4t5y6 |270427
iloveyou |261589
123 |259254
000000 |250011
123321 |212000
1q2w3e4r |204137
qwertyuiop |200944
654321 |193409
qwerty123 |180935
1qaz2wsx3edc |175205
password1 |171820
1qaz2wsx |163731
666666 |162206
dragon |155892
ashley |149324
princess |146810
987654321 |139286
123qwe |139198
159753 |132287
zxcvbnm |125224
monkey |124991
q1w2e3r4 |124844
123123123 |122231
asdfghjkl |119437
pokemon |118887
112233 |116981
football |116969
killer |116417
michael |116303
shadow |115396
121212 |113750
daniel |112629
asdasd |111994
qazwsx |111263
1234qwer |110372
superman |109987
123456a |107963
qwe123 |107217
azerty |107092
master |105920
7777777 |105578
sunshine |105355
1q2w3e |101543
abcd1234 |99374
1234561 |97154
computer |96117
fuckyou |93768
aaaaaa |93718
555555 |90939
asdfgh |88947
asd123 |87783
baseball |86910
0123456789 |86738
123654 |85838
charlie |85747
qwer1234 |85123
a123456 |84436
naruto |83808
jessica |83516
Status |83283
soccer |83206
jordan |82832
liverpool |82775
thomas |82621
lol123 |81244
michelle |81210
123abc |80594
1111 |80185
nicole |78479
11111111 |77500
starwars |76813
samsung |76018
secret |75460
joshua |74505
123456789a |73454
andrew |72538
222222 |72347
q1w2e3r4t5 |72097
147258369 |72065
Password |71745
hunter |71419
qazwsxedc |70512
lovely |70251
999999 |70085
jennifer |69932
tigger |69471
letmein |69390
@ignis-sec
Author

How I got this data

Downloaded massive amounts of old and public leaks, and slowly indexed/pushed them to my own db. It was a painful and long process and my SSD disk now wants to kill me.

After all was done, it was just a matter of formatting the tables in SQL to make the whole process easier.

Difference from rockyou.txt

Rockyou is old. And outdated. I've crunched the most common 13M passwords and 9M of them weren't even in rockyou.txt. I'm planning to release this wordlist soon.

F*ing formatting

Alright now, I don't leak databases and I don't condone leaking them, but if you are going to dump something use u\tp or something and not u:p, u;p, u,p, u::p, u:s:p and definitely not u -p you moron.

F*ing test accounts

A lot of test accounts are littering the databases and skewing the statistics, and it's difficult to filter them correctly. So I just filtered out any username:password pairs which are repeated more than 10 times.

The most repeated credential set was repeated 6509 times:

sample@email.tst|g00dPa$$w0rD

Some test accounts shared common passwords and are more difficult to filter on a huge scale:

... 10k more rows here...
16666486|Geo.rgia.P.ru.i.t.t86.65.6@gmail.com|d2Xyw89sxJ|1
16666487|Geo.rgiaP.r.ui.t.t.86.6.5.6@gmail.com|d2Xyw89sxJ|1
16666488|Geo.rgiaPr.u.itt.8.6.6.5.6@gmail.com|d2Xyw89sxJ|1
16668953|Geor.g.i.aPr.u.i.tt8.66.5.6@gmail.com|d2Xyw89sxJ|1
16668954|Geor.g.iaP.r.ui.t.t.8.66.56@gmail.com|d2Xyw89sxJ|1
16668955|Geor.g.iaPr.u.i.tt8665.6@gmail.com|d2Xyw89sxJ|1
16668956|Geor.gi.aPr.u.i.t.t86.656@gmail.com|d2Xyw89sxJ|1
16668957|Geor.gia.P.ru.i.t.t866.56@gmail.com|d2Xyw89sxJ|1
16669513|Georg.i.aP.ruitt.8.66.5.6@gmail.com|d2Xyw89sxJ|1
16669514|Georg.ia.Pr.uit.t.86656@gmail.com|d2Xyw89sxJ|1
16675662|Georgia.Pr.u.i.t.t86.656@gmail.com|d2Xyw89sxJ|1

F*king 1 billion rows

It takes time. A lot of time.

Release when?

I'm releasing the 13M most common when I'm comfortable that I filtered all the crap correctly. So, more than a week, less than a month.
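
Added example, not part of the original comment and not the author's code: a Python sketch of the "repeated more than 10 times" filter over `id|email|password|flag` rows, showing why dot-variant Gmail addresses slip past it unless the address is canonicalised first. The canonicalisation step, the function names and the sample rows are assumptions constructed for illustration.

```python
from collections import Counter

def canonical_email(email):
    """Lower-case; for Gmail also drop dots and any +tag in the local part."""
    local, _, domain = email.strip().lower().rpartition("@")
    if domain in ("gmail.com", "googlemail.com"):
        local = local.split("+", 1)[0].replace(".", "")
        domain = "gmail.com"
    return f"{local}@{domain}"

def password_counts(rows, max_pair_repeats=10, normalize=True):
    """Count passwords over id|email|password|flag rows, skipping any
    (account, password) pair that repeats more than max_pair_repeats times."""
    pairs = Counter()
    for line in rows:
        try:
            _id, email, rest = line.rstrip("\n").split("|", 2)
            password, _flag = rest.rsplit("|", 1)  # password may contain '|'
        except ValueError:
            continue  # malformed row: too few fields
        account = canonical_email(email) if normalize else email
        pairs[(account, password)] += 1
    counts = Counter()
    for (_account, password), n in pairs.items():
        if n <= max_pair_repeats:  # pairs above the threshold are test noise
            counts[password] += n
    return counts

def dotted_variants(local, n):
    """Constructed test data: n different dot placements of one local part."""
    return [local[:i] + "." + local[i:] for i in range(1, n + 1)]

# Constructed sample rows (not taken from any real data set).
SAMPLE_ROWS = [f"{i}|{v}@gmail.com|Constructed-Pw1|1"
               for i, v in enumerate(dotted_variants("sampleuser8665", 12))]
SAMPLE_ROWS += [
    "100|alice@example.test|sunshine|1",
    "101|bob@example.test|sunshine|1",
    "102|carol@example.test|pipe|in|pw|1",
    "malformed line",
]

if __name__ == "__main__":
    print("naive:     ", dict(password_counts(SAMPLE_ROWS, normalize=False)))
    print("normalized:", dict(password_counts(SAMPLE_ROWS)))
```

Without canonicalisation each dotted address counts as a separate account, so the shared password is tallied 12 times; with it, the 12 rows collapse into one pair that exceeds the threshold and is dropped.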

@Anon-Exploiter

Good stuff, thanks for sharing! 👍

@ignis-sec
Author

> Good stuff, thanks for sharing! 👍

Thanks! I've released the top 10M under https://github.com/FlameOfIgnis/Pwdb-Public
