Here’s an interesting article – the list of the 25 most common passwords. But there’s a bigger lesson here. There have been multiple leaks from sites that haven’t encrypted their user’s passwords. And password files with 6.5 million passwords were uploaded to hackers sites in June, which can be used for dictionary attacks on user accounts. So the question isn’t is my password in the top 25, it’s does it occur in that 6.5 million record file just once? Because if it does, or it is a simple variant of one that does, it’s vulnerable.