Wallogit.com
2017 © Pedro Peláez
A list of the top 10,000 most-used passwords from hacked password lists.
A list of the top 10,000 most-used passwords from hacked password lists., (*1)
Mutated list was generated by installing John the Ripper and running:, (*2)
john --wordlist=raw.txt --rules --stdout > raw-mutated.txt
This produces a list which starts with the top 10,000 and makes commonplace alterations to that list. This increases the size of the list from 10,000 → over 422,000., (*3)
NOTE: This is a list of known-bad clear text passwords. For a list of known-bad password SHA-1 hashes, see https://github.com/skyzyx/bad-password-hashes., (*4)
The following software is required for Bad Passwords to run:, (*5)
To add Bad Passwords as a Composer dependency in your composer.json file:, (*6)
{
"require": {
"skyzyx/bad-passwords": ">=1.0"
}
}
And include it in your scripts:, (*7)
require_once 'vendor/autoload.php';
To view the list of existing contributors, run the following command from the Terminal:, (*8)
git shortlog -sne --no-merges
Here's the process for contributing:, (*9)
My intention is to release all rights to this documentation and make it available under the Public Domain. Unfortunately, in the U.S. it's not quite that cut-and-dry. So, I am dual-licensing this work under CC0 and the Unlicense. You can choose whichever license you would prefer to adhere to., (*10)
To the extent possible under law,
Ryan Parman
has waived all copyright and related or neighboring rights to
"Bad Passwords".
This work is published from:
United States.
, (*11)
A list of the top 10,000 most-used passwords from hacked password lists.
public domain
password