So, the NCSC has been running a study on the prevalence of the ‘Top 1000 Passwords’. It’s useful stuff, but I wondered – just how frequent are these passwords? How can they know? Where did this list come from?
I noticed, for example, that the list included baseball, which I gather is a degenerate form of rounders. It’s certainly not what I’d expect on a UK-centric list of passwords. Similarly, chicago, and redsox were unlikely. (There are, however, cricket and wanker, so it isn’t an entirely Americanised list).
I also noticed some passwords – like rasdzv3 – that I couldn’t see any obvious reason for being particularly popular.
Anyway – I wondered – how frequent are these? What was the most frequent? Continue reading “A brief analysis of the NCSC’s “Top 1000 Passwords” list”