15
YSK The World’s Most Common Passwords
(www.shithot.co.uk)
The thumbnail shows "assword" so I'll upvote.
Hunter2 or gtfo
All I see is *********
All I'm seeing is asterisks
It censors your password in real time. Check it out: **********
Nice thats usefull hunter2
I see password and password1
Mfw I’m sittin’ safe all the way down here at password69 😎
Monkey 🐵
So i guess p@s5w0RD123pA55wOrD would be super strong.
From my experience brute forcing passwords, no. It’s smart enough to try character substitutions and it annoys me so much that the FBI recommends this practice.
Wait it's not? I remember some people in the industry recommend this sort of password albeit with variation of other random words as it's pretty strong and would take a very long time to crack.
Indeed, just four impersonal words is a great password. Mix up the capitalization and it’s even better.
If it’s a bunch of words found in any dictionary then with or without character substitution it’ll be easy to crack.
It's not. A dictionary has on the order of ≈100,000 (10^5) words in it. Picking five words entirely at random gives you 10^25 combinations, which is about the complexity of 14 alphanumeric characters. So pretty secure.
I just see *******************
Need your credit card number and the 3 digit number at the back of the card to see what i typed.
That's okay at best. Better if a passphrase, just random, impersonal words, something like this (~50 bits of entropy):
"virtual raging vineyard clad runner"
Best is a long, completely random string, stored in the password manager that you should be using anyways ~150 bits of entropy):
"hX0hZ1QTWtQo(h[Ta9jH]TmsVIhUTgSE"
Pick password Unga. Monkey.
Hackers (1995) taught me the four most commonly used passwords are "love", "sex", "'secret", and "god".
"secret" is there. "iloveyou" has love in it.
I wonder how true that actually was in the 90s.
Before password composition rules, those were actually quite common, as well as passwords that were just the same as the username. Heck, it wasn't until that long ago that router manufacturers used to ship with admin/admin as the default credentials.
Honestly every networking company that couldn't be bothered to ship with randomized creds physically embedded/etched somewhere on the device should've probably went out of business. The cost has always been minimal and the increased security value has always been readily apparent.
Yeah, now in this enlightened future, they've ascended to admin/password. 😶
Hack the planet.
At least it isn't always Swordfish!
Operation suck his dick while he hacks the feds.
Such a great movie.
Mine is Secretsexgodoflove69!
I am really surprised some common shit is not there, like hello, hello1234, abcd1234 (and other perms have numbers in front, etc)
Really surprised my old one isn't on there. Dontknow.
I'm a little surprised not to see "changeme" on this list.
The default ca cert store password in Java is "changeit"
Strange how much higher the top one, 123456, is than the others, and how the most popular ones with repeating numbers also have 6 digits. Why do people like 6 digits so much more than 5 or 7?
Because of composition rules. Fewer characters, much easier to brute force guess.
So when a site tells you 'Your password must be at least 6 characters long', and they just want to get past it to get to the content, the number is already on their mind.
Honestly use Bitwarden
Password now set to "Bitwarden"
A normie ready solution, Foss chads will self host tho
according to data from the password security website called NordPass all of which would take a hacker less than a second to crack. Take a look at this quality design to learn about popular passwords that you definitely shouldn’t use such as 123456 which was used 3 million times, 123456789 which was used 1.6 million times, 12345678 which was used 885 thousand times, “password” which was used 692 thousand times and qwerty123 which was used 643 thousand times.
Is it normal for a password manager to be able to recognize which passwords are being used? Does this reflect badly on NordPass?
They didn't pull this data from their own users, but rather from six public leaks.
1-2-3-4-5-6!? That's the same code I use on my luggage!
I'm surrounded by assholes!
this post was submitted on 07 Aug 2025
15 points (85.7% liked)
You Should Know
40555 readers
129 users here now
YSK - for all the things that can make your life easier!
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Rules (interactive)
Rule 1- All posts must begin with YSK.
All posts must begin with YSK. If you're a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.
Rule 2- Your post body text must include the reason "Why" YSK:
**In your post's text body, you must include the reason "Why" YSK: It’s helpful for readability, and informs readers about the importance of the content. **
Rule 3- Do not seek mental, medical and professional help here.
Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.
Rule 4- No self promotion or upvote-farming of any kind.
That's it.
Rule 5- No baiting or sealioning or promoting an agenda.
Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.
Rule 6- Regarding non-YSK posts.
Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.
Rule 7- You can't harass or disturb other members.
If you harass or discriminate against any individual member, you will be removed.
If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.
For further explanation, clarification and feedback about this rule, you may follow this link.
Rule 8- All comments should try to stay relevant to their parent content.
Rule 9- Reposts from other platforms are not allowed.
Let everyone have their own content.
Rule 10- The majority of bots aren't allowed to participate here.
Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.
Rule 11- Posts must actually be true: Disiniformation, trolling, and being misleading will not be tolerated. Repeated or egregious attempts will earn you a ban. This also applies to filing reports: If you continually file false reports YOU WILL BE BANNED! We can see who reports what, and shenanigans will not be tolerated.
If you file a report, include what specific rule is being violated and how.
Partnered Communities:
You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.
Community Moderation
For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.
Credits
Our icon(masterpiece) was made by @clen15!
founded 2 years ago
MODERATORS