Building the Ideal 100-word Password List

There’s some phenomenal password research here from clarkson.edu that talks about common passwords found during Internet attacks.

I’ve taken those entries and put them into a single list here on Github, and I will soon be adding the abridged rockyou list (once I get their permission). Thanks to @jhaddix for pointing me toward that list.

The idea is to maintain a tight, ever-evolving password list that I can use for busting accounts, and people can fork as desired. So as new research comes out on more up-to-date passwords, I’ll update the list.

Let me know if you’re interested in participating.

::

Related posts:

1. 10 Behaviors That Will Reduce Your Risk Online

2. A 3-Tiered Approach to Securing Your Home Network

3. Why Required Password Changes Reduce Security

4. A Rudimentary Threat Model Framework for Password vs. TouchID vs. FaceID

5. How to Calculate and Communicate Your Desired Total Compensation