Skip to main content

Dates in Leaked Passwords

I have been playing with data from haveibeenpwned.com, especially I was exploring 8-digit passwords that look like dates.


I checked all dates between 19000101 and 20231231, where

- The date must be in the YYYYMMDD format

- Some invalid dates are also included, e.g. 19120231


Further, by default I only analyzed valid dates after 19240101.


By Year

1986 is the most popular year. It roughly forms a normal distribution. The distribution might review the distribution of the ages of the users (of the leaked services).


By Month & Day

It is clear that October, November and December are more popular than other months, but I think this is is because people may use 1912312 rather than 19120312.

We can also see a pattern for each month, especially 1st is more popular than other days.

Other than those, the passwords are roughly evenly distributed among all days.

The most popular dates are:
  • 0101, #=81516
  • 1010, #=79997
  • 1212, #=71724
  • 1111, #=62065
  • 1001, #=61109
Seems that they are just nice & easy patterns to type.

And the least popular dates are:
  • 0229, #=7075
  • 0731, #=20302
  • 0730, #=20846
  • 0531, #=21543
  • 0131, #=21646
0229 is obvious, but all other dates are all about the end of months, maybe this is not an coincidence.


By Day

31st is the least popular, which is obvious.

There's a sudden drop between 12th and 13th, which I don't really understand. This might contradict with my idea above, that people may type 9 instead of 09.



By Year & Month & Day

The most popular ones are:
  • 19870212, #=12359
  • 19821108, #=10812
  • 19941028, #=10097
  • 19810301, #=9528
  • 19960122, #=8906
The least popular ones (but appear in the database) are:
  • 19410417, #=1
  • 19410504, #=1
  • 19350824, #=1
  • 19290519, #=1
  • 19290525, #=1
Besides the popularily of the years, I cannot really draw any conclusions.


Invalid Dates

The most popular invalid dates are:
  • 19860229, #=362
  • 19820229, #=296
  • 19870229, #=228
  • 19890229, #=203
  • 19860230, #=192

Conclusions

By no means are the results scientific, it's just me having some fun.
If there's anything to remember, never use 19870212 as your password!

Labels:

Comments

Post a Comment

Popular posts from this blog

Determine Perspective Lines With Off-page Vanishing Point

In perspective drawing, a vanishing point represents a group of parallel lines, in other words, a direction. For any point on the paper, if we want a line towards the same direction (in the 3d space), we simply draw a line through it and the vanishing point. But sometimes the vanishing point is too far away, such that it is outside the paper/canvas. In this example, we have a point P and two perspective lines L1 and L2. The vanishing point VP is naturally the intersection of L1 and L2. The task is to draw a line through P and VP, without having VP on the paper. I am aware of a few traditional solutions: 1. Use extra pieces of paper such that we can extend L1 and L2 until we see VP. 2. Draw everything in a smaller scale, such that we can see both P and VP on the paper. Draw the line and scale everything back. 3. Draw a perspective grid using the Brewer Method. #1 and #2 might be quite practical. #3 may not guarantee a solution, unless we can measure distances/p...
3 comments
Read More »

Chasing an IO Phantom

My home server has been weird since months ago, it just becomes unresponsive occassionally. It is annoying but it happens only rarely, so normally I'd just wait or reboot it. But weeks ago I decided to get to the bottom of it. What's Wrong My system set up is: Root: SSD, LUKS + LVM + Ext4 Data: HDD, LUKS + ZFS 16GB RAM + 1GB swap Rootless dockerd The system may become unresponsive, when the IO on HDD  is persistantly high for a while. Also: Often kswapd0 has high CPU High IO on root fs (SSD) From dockerd and some containers RAM usage is high, swap usage is low It is very strange that IO on HDD can affect SSD. Note that when this happens, even stopping the IO on HDD does not always help. Usually restarting dockerd does not help, but rebooting helps. Investigation: Swap An obvious potential root cause is the swap. High CPU on kswapd0 usually means the free memory is low and the kernel is busy exchanging data between disk and swap. However, I tried the following steps, none of the...
Post a Comment
Read More »

Fix Google Security Code

Google Security Code (http://g.co/sc) is one type of 2-step verification. This is particularly useful when security keys and passkeys are not available. I have been using it in my LXC containers, until today I found out that it stopped working. It just kept saying "The code is invalid". It is easy to rule out some factors: The code works on other browsers on my laptop. The code works on other devices that are directly connected to the router. So it appears that Google also checks IP addresses besides the security code. Recently I have IPv6 enabled, so most devices that are directly connected to the router have both IPv4 and IPv6 addresses. But  I only enabled IPv4 for my LXC containers. So I guess when a code is generated by device A and used by device B, Google should be able to check that device A and device B are closely located. But in my case, IPv6 address appears on device A but not on device B, which may look suspicious. To fix the problem, I just needed to disable IPv...
Post a Comment
Read More »