There is a treasure trove of leaked passwords out there called:
Rock You. This file (once uncompressed) is near 100 GB in size.
It currently holds about 8.45 billion passwords that have been leaked
one way or another into the wild. This list contains the passwords
only, not any correlating sites.
So, I downloaded the monster and unpacked it.
I wrote a program to split it into 4 files and stored those on 4
separate external drives.
I exported my 1Password database to a .csv file in a ramdisk.
Wrote another program to load these known passwords into a b-tree and
then read in the files from the external disks and look for matches.
This is run in 4 threads to speed things up - still takes quite a while
to search through. (If I used a hash instead of a b-tree it would be a
little quicker).
Over time, it appears, I've used some trivial passwords and they've come
up in my search (about 20 of them). These are for the most part for
"throw away" access to some sites. There are two I'll go tidy up.
Some systematic password silliness that I turned up (not my passwords):
4
2086000000 98.6% zyxel-037-lry
4
2087000000 98.7% zyxel-094-izh
4
2088000000 98.7% zyxel-151-gfr
4
2089000000 98.8% zyxel-208-dmj
4 2090000000 98.8% zyxel-265-att
4 2091000000 98.9% zyxel-321-ybc
4
2092000000 98.9% zyxel-378-vil
4
2093000000 99.0% zyxel-435-spv
4
2094000000 99.0% zyxel-492-pxi
4
2095000000 99.1% zyxel-549-ner
4
2096000000 99.1% zyxel-606-klz
4
2097000000 99.2% zyxel-663-htm
4
2098000000 99.2% zyxel-720-far
4
2099000000 99.3% zyxel-777-cib
4 2100000000 99.3% zyxel-833-zpl
4 2101000000 99.3% zyxel-890-wwo
4
2102000000 99.4% zyxel-947-udx
Meaning there are about 17 MILLION passwords in the form above!
Ridiculous! Esp. that they ended up leaked!
--
“Donald Trump and his allies and supporters are a clear and present
danger to American democracy.”
- J Michael Luttig - 2022-06-16
- Former US appellate court judge (R) testifying to the January 6
committee