Testing of passwdqc on the leaked RockYou password list

Input data

There are a total of 32,603,387 plaintext passwords on the RockYou list, including duplicates. There are 14,344,391 unique passwords.

Raw results

passwdqc 1.3.0 with default policy permits the following numbers of passwords from RockYou “top N” lists (most common N unique passwords):

Tested                     Permitted   % of tested
10,000                             0   0%
30,000                             4   0.013%
100,000                           18   0.018%
300,000                          166   0.055%
1,000,000                      2,273   0.227%
3,000,000                     43,175   1.439%
10,000,000                   290,991   2.910%
14,344,391                   494,291   3.446%
32,603,387 (non-unique)      523,185   1.605%

passwdqc 1.2.2, same test:

Tested                     Permitted   % permitted
10,000                             0   0%
30,000                             7   0.023%
100,000                           35   0.035%
300,000                          199   0.066%
1,000,000                      2,333   0.233%
3,000,000                     43,399   1.447%
10,000,000                   291,622   2.916%
14,344,391                   495,577   3.455%
32,603,387 (non-unique)      525,722   1.612%
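The tables above come from one procedure: rank the unique passwords of a leak by how often they occur, take the most common N, feed each to the checker, and count how many it permits (the last row repeats the count over the non-unique list, so a permitted password is counted once per occurrence). The script below is an added illustration of that tabulation and is not part of the passwdqc project. The actual test used passwdqc's own checker (pwqcheck); because that binary is not assumed to be installed here, the script substitutes a deliberately simplified stand-in policy that only reproduces the length-by-character-class idea of passwdqc's default "min=disabled,24,11,8,7" setting and ignores the dictionary and common-sequence checks, so its verdicts will differ from real passwdqc. The password sample is constructed.

```python
"""Tabulate how many of a leak's most common passwords a policy permits.

Added example, not passwdqc code. The real RockYou test fed each password
to pwqcheck; is_permitted() below is a simplified stand-in (assumption),
not passwdqc's actual check.
"""
from collections import Counter
from typing import Callable, Iterable

# Constructed sample "leak" with duplicates, standing in for the RockYou dump.
SAMPLE_LEAK = (
    ["123456"] * 5 + ["password"] * 4 + ["iloveyou"] * 3 + ["princess"] * 2
    + ["abc123", "qwerty", "Tr0ub4dor&3", "correct horse battery staple",
       "P@ssw0rd!2024xyz", "monkey"]
)

MAX_LEN = 40             # passwdqc's default "max=40"
WORDS_FOR_PASSPHRASE = 3 # passwdqc's default "passphrase=3"


def char_classes(pw: str) -> int:
    """Count character classes (lower, upper, digit, other) in a password.

    A leading uppercase letter and a trailing digit are not counted as
    separate classes, since those are the most common "class padding"
    patterns; this detail is a simplification (assumption).
    """
    body = pw
    if body and body[0].isupper():
        body = body[1:]
    if body and body[-1].isdigit():
        body = body[:-1]
    return (
        any(c.islower() for c in body)
        + any(c.isupper() for c in body)
        + any(c.isdigit() for c in body)
        + any(not c.isalnum() for c in body)
    )


def is_permitted(pw: str) -> bool:
    """Simplified stand-in for the default min=disabled,24,11,8,7 rule."""
    if len(pw) > MAX_LEN:
        return False
    classes = char_classes(pw)
    if classes <= 1:
        return False                    # N0 "disabled": one class never passes
    if classes == 2:
        if len(pw.split()) >= WORDS_FOR_PASSPHRASE:
            return len(pw) >= 11        # N2: passphrase of 3+ words
        return len(pw) >= 24            # N1: two classes, not a passphrase
    if classes == 3:
        return len(pw) >= 8             # N3: three classes
    return len(pw) >= 7                 # N4: four classes


def rank_unique(passwords: Iterable[str]) -> list[tuple[str, int]]:
    """Unique passwords ordered by descending frequency (ties keep input order)."""
    return Counter(passwords).most_common()


def tabulate(passwords: Iterable[str], thresholds: Iterable[int],
             check: Callable[[str], bool] = is_permitted
             ) -> list[tuple[int, int, float]]:
    """Return (tested, permitted, percent) rows for each top-N threshold,
    followed by one row for the whole non-unique list."""
    ranked = rank_unique(passwords)
    verdicts = {pw: check(pw) for pw, _ in ranked}   # check each password once
    rows = []
    for n in thresholds:
        top = ranked[:n]
        permitted = sum(1 for pw, _ in top if verdicts[pw])
        rows.append((len(top), permitted, 100.0 * permitted / len(top)))
    total = sum(count for _, count in ranked)
    permitted_all = sum(count for pw, count in ranked if verdicts[pw])
    rows.append((total, permitted_all, 100.0 * permitted_all / total))
    return rows


if __name__ == "__main__":
    print(f"{'Tested':>10} {'Permitted':>10} {'% permitted':>12}")
    for tested, permitted, pct in tabulate(SAMPLE_LEAK, (5, 8, 10)):
        print(f"{tested:>10,} {permitted:>10,} {pct:>11.3f}%")
```

To reproduce the real measurement, replace `is_permitted` with a function that calls pwqcheck and feed the full RockYou file instead of the constructed sample; the ranking and counting logic stays the same.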

What does this mean?

The very small percentages of permitted passwords for the top 100,000 and top 1,000,000 are good: they indicate that the policy is working well, preventing those common and thus weak passwords from being set. The substantial increase in the percentage of permitted passwords between 100,000 and 1,000,000, and between 1,000,000 and 10,000,000, is also good, indicating that less common passwords are indeed also less trivial and harder to crack, as far as passwdqc can estimate. What's not so good, although this is mostly not passwdqc's fault, is that the percentage stays rather low even for the entire RockYou list. This means that among the passwords people like to choose there are few that are good enough, at least as far as passwdqc can estimate.

Presumably, people actually wanted to set those passwords, and passwdqc's default policy permits only a small minority of them to be set. Thus, most people would probably consider the policy very strict and maybe annoying. This suggests that for typical uses there's hardly any room to make the policy even stricter. Given the results of testing on KoreLogic's DEFCON 2010 contest passwords, we can also say that there's little or no room to relax the policy without allowing a significant percentage of easily crackable passwords to pass.

Additionally, if we're using so-called “fast hashes” (such as the misuse of raw SHA-256 for password hashing, or NTLM), we're out of luck at preventing highly successful offline attacks on them (a policy that achieved that would need to be much stricter than passwdqc's default and would thus likely be unreasonable to use). For so-called “slow hashes”, things are reasonably good.

See also: Estimating the number of unique passwords in the world (using the RockYou list)