by Carl Mäsak
Some Perlmonks password statistics
PerlMonks has been hacked, and someone (or more likely a group of people) will perhaps feel the requisite brand of shame over the fact that a lot of people's passwords were leaked, because they were stored in clear text. Not only does that constitute a poor technological solution, it's also putting other people's entrusted private information, and parts of their digital identity, at risk. With people's privacy comes great responsibility.
Anyway, I took the leaked passwords and ran them through a script to get a bit of statistics on the different types of passwords used by a representative slice of the Perlmonks users:
total 567 (100.00%)
alphanumerics-only 517 ( 91.18%)
digits-only 9 ( 1.59%)
letters-only 233 ( 41.09%)
letters&u-score 2 ( 0.35%)
letters&digits 277 ( 48.85%)
letters&1digit 103 ( 18.17%)
letters&2digits 89 ( 15.70%)
letters&3digits 39 ( 6.88%)
letters&4digits 36 ( 6.35%)
letters&5digits 9 ( 1.59%)
letters&6digits 1 ( 0.18%)
with non-alnums 50 ( 8.82%)
1 non-alnum 34 ( 6.00%)
2 non-alnums 14 ( 2.47%)
3 non-alnums 2 ( 0.35%)
Here's the source code, a simple Perl 6 script. The source data is easy to find, but I'm not going to link to it.