CBT Nuggets analyzed the leaked accounts for root words and easy-to-guess elements. Among other information, the analysis revealed the top 30 most leaked passwords, the total number of passwords leaked by name, age bracket, gender, and even state of residence. The percentage of people who use their own names in their passwords is 42.1 percent.
Among the 50,000 accounts, of the 30 most common passwords the top 10 were love, star, girl, rock, miss, hell, Mike, John, and baby. Hackers, who have access to more than just one study of leaked info, start by running the most common passwords — if they don’t have to work hard, they won’t complain. CBT Nugget recommends avoiding the most popular passwords and use made up word and letter, number, and special character combinations.
According to the report, people with certain first names are most likely to have their passwords leaked, whether they use their names in their passwords or not. For gender-indicative names (certainly not gender-specific), Mike, Chris, John, Dave or Matt are the top five for males and Jen, Jessica, Sarah, Amanda, and Michelle take the lead for women. Overall, males accounted for 53 percent of the leaked passwords and females 47 percent.
Account holder age mattered, too, with millennials far in the lead. Of the leaked accounts, fully 65 percent were 25-34 years old, followed by 16 percent aged 35-44, and 13.6 percent 21-24. All other age groupings were 2.5 percent or lower.
Within U.S. states, 4.67 leaked passwords per 100,000 residents was the average. Hawaii had the highest average at 38.71 passwords, followed by California with 18.18, and Nevada with 12.42.
Some people use their own name in your password, and among the top 25 leading offenders, people named Amy used their name either as or part of their password 60 percent of the time, followed by Lisa (59 percent), Scott (56 percent), Mark (54 percent), and Laura (53 percent). Even people named Dave or David — No. 25 on the list — used their name 45 percent of the time.
Yahoo emails accounted for about 48 percent of the leaked accounts, followed by Hotmail and Gmail at 17 percent, and AOL at 7 percent. All others accounted for 10 percent. Even though AOL accounts were the least leaked, the study showed that service had the highest incidence (46 percent) of people using part of their name or username in their passwords.
More details:
https://blog.cbtnuggets.com/2016/12/leaky-logins-50000-passwords-exposed
http://www.gallup.com/poll/178856/hacking-tops-list-crimes-americans-worry.aspx