WSJ Blogs

Real-time commentary and analysis from The Wall Street Journal
Technology News and Insights

The Top 50 Gawker Media Passwords

By Zachary M. Seward and Albert Sun

Readers of Gizmodo, Lifehacker and other Gawker Media sites may be among the savviest on the Web, but the most common password for logging into those sites is embarrassingly easy to guess: “123456.” So is the runner-up: “password.”

On Sunday night, hackers posted online a trove of data from Gawker Media’s servers, including the usernames, email addresses and passwords of more than one million registered users. The passwords were originally encrypted, but 188,279 of them were decoded and made public as part of the hack. Using that dataset, we found the 50 most-popular Gawker Media passwords:

How do Gawker Media users express themselves when no one is watching? While many of their passwords are common phrases like “qwerty,” others appear distinctive to the Gawker community. Where else would “f—you,” “blahblah” and “whatever” rank among the most popular passwords? And why, oh why, is “monkey” in the top 10?

At least two popular passwords are science-fiction references: “trustno1″ was Special Agent Mulder‘s password on “The X-Files,” and “thx1138″ is a George Lucas film that envisioned a dystopian future. (There’s no way to tell, but these were likely created by users of Kotaku io9, Gawker Media’s popular gaming sci-fi site.) Other popular passwords are just plain-old geeky: “dragon,” “superman,” “princess,” “starwars” and “nintendo.” W00t!

The set of Gawker Media passwords differs significantly from a cache of 10,000 Hotmail passwords that leaked online last year, though “123456″ was the most popular among both groups. In both cases, the datasets only include passwords that could be decoded and aren’t necessarily representive of all users. For instance, more complex passwords may be harder to decode. We eliminated all identifiable information from the data we studied.

A plurality of Gawker Media passwords are six characters long, but we wondered whether that and other results might differ based on the user’s email provider. Indeed, users of Google and Yahoo’s email services are more likely than Microsoft email users to have passwords of eight or more characters. Popular passwords vary, as well: Gmail users are bigger X-Files fans (“trustno1″) and more likely to opt for the slightly clever variant “passw0rd.” Yahoo and Microsoft email users, meanwhile, are much more likely to get sappy with their passwords: “iloveyou.”

By this evening, Gawker Media said it had sent nearly 1.5 million emails to users notifying them of the hack. Slate put together a great tool for checking whether your information was compromised. And one of the best guides to creating a strong password (hint: not “123456″) is available on Lifehacker, a Gawker Media site.

Thanks to Michael Donohoe and Amy Langfield for tips as we constructed this post. We’ve posted the anonymized dataset of passwords on Google Fusion Tables, so you can play around with it. Let us know if you find anything interesting!

Add a Comment

We welcome thoughtful comments from readers. Please comply with our guidelines. Our blogs do not require the use of your real name.

Comments (5 of 150)

View all Comments »
    • Unknown message

    • A plurality of Gawker Media passwords are six characters long, but we wondered whether that and other results might differ based on the user’s email provider

    • @PJ We added the dashes for delicate eyes.

    • Has that password actually “f—you” or is this a cencored edition?

    • Of course you never use words or easy number-combinations for passwords. Perhaps many people do that because they have big problems remembering difficult letters- or numbercombinations. A combination of letters and numbers ar truly the best.