@inproceedings{5e5fa786e7124b5490e5df7562fe4eba,
title = "Common passwords and common words in passwords",
abstract = "Passwords often include dictionary words or meaningful strings. Figuring out these words or strings may significantly reduce the number of password guessing. The wordlists used by password cracking software, such as Hashcat, typically include the words from various dictionaries and leaked plain passwords. Is it really necessary to put all dictionary words and leaked passwords into the wordlist? In this work, we use Mac system dictionary and rockyou.com leak as two sample wordlists to check the substrings of over 600 million leaked passwords from different websites. We find only a small portion of words from these two wordlists are used by the leaked passwords. More specifically, about 90,000 out of 235,886 Mac dictionary words and about six millions out of 13 millions rockyou.com unique passwords are used by the leaked passwords. In addition to that, we find that a small portion of unique passwords are shared by a large portion of accounts.",
keywords = "Dictionary, Hashcat, Password, Substring",
author = "Jikai Li and Ethan Zeigler and Thomas Holland and Dimitris Papamichail and David Greco and Joshua Grabentein and Daan Liang",
note = "Funding Information: This work is supported by ELSA high performance computing cluster at The College of New Jersey. ELSA is funded by National Science Foundation grant OAC-1828163. Publisher Copyright: {\textcopyright} The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2020.; null ; Conference date: 07-04-2020 Through 10-04-2020",
year = "2020",
doi = "10.1007/978-3-030-45691-7_77",
language = "English",
isbn = "9783030456900",
series = "Advances in Intelligent Systems and Computing",
publisher = "Springer",
pages = "818--827",
editor = "{\'A}lvaro Rocha and Hojjat Adeli and Reis, {Lu{\'i}s Paulo} and Sandra Costanzo and Irena Orovic and Fernando Moreira",
booktitle = "Trends and Innovations in Information Systems and Technologies - Volume 2, WorldCIST 2020",
}