Pittsburgh Tech Guy

Posted on the Internet for the whole world to see were 8 million passwords.  You've probably heard about the 8 million passwords leaked from LinkedIn and a dating site (likely eHarmony) that appeared on the Internet today. 12345 itself wasn't used, but that's only because LinkedIn requires passwords to be at least six characters. 123456, 1234567, and 12345678 were all leaked, as were the usual contenders for worst passwords such as, well, "password."  

If you type a password into LeakedIn's search box, you'll be told whether it was leaked and cracked. In some cases, you'll be told a password was leaked but not yet cracked. The site uses JavaScript to hash your passwords and then checks the hashed version against the leaked password lists. Hashes that have been cracked were prepended with "00000" by the people who run the site to tell them apart from those not cracked by hackers yet.

If there's one positive, it's that typing awful passwords into LeakedIn and seeing what's been leaked is tremendous fun. My own LinkedIn password was leaked (OK, that's not so fun), as were others I might have conceivably used, such as "supermario," and "frodolives."

If you haven't already changed your LinkedIn password, go ahead and do that now. After you're done, feel free to search LeakedIn for a bit. What are the worst passwords you can find?