Password The Game Word List

Posted on by

I am releasing CrackStation's main password cracking dictionary (1,493,677,782words, 15GB) for download.

Procedure for Password, a fun Speaking Games for Kids (or Adults!): If you want to know how to play password in the classroom, then keep on reading for all the details you need to know. In advance, prepare a list of English words. These can be vocabulary or just words you expect your students to know. Divide the class into two groups.

  1. Password Board Game Word List Password originally aired for 1,555 daytime telecasts each weekday from October 2, 1961, to September 15, 1967, on CBS, along with weekly prime time airings from January 2, 1962, to September 9, 1965, and December 25, 1966, to May 22, 1967.
  2. Some of the words may repeat from other study guides. But some are new. Learn with flashcards, games, and more — for free.

What's in the list?

The list contains every wordlist, dictionary, and password database leak thatI could find on the internet (and I spent a LOT of time looking). It alsocontains every word in the Wikipedia databases (pages-articles, retrieved 2010,all languages) as well as lots of books from Project Gutenberg. It also includes thepasswords from some low-profile database breaches that were being sold in theunderground years ago.

The format of the list is a standard text file sorted in non-case-sensitivealphabetical order. Lines are separated with a newline 'n' character.

You can test the list without downloading it by giving SHA256 hashes to the free hash cracker. Here's a tool for computing hashes easily.Here are the results of cracking LinkedIn'sand eHarmony's password hash leaks with the list.

The list is responsible forcracking about 30% of all hashes given to CrackStation's free hash cracker, butthat figure should be taken with a grain of salt because some people try hashesof really weak passwords just to test the service, and others try to crack theirhashes with other online hash crackers before finding CrackStation. Using thelist, we were able to crack 49.98% of one customer's set of 373,000human password hashes to motivate their move to a better salting scheme.

Download

Note: To download the torrents, you will need a torrent client likeTransmission (for Linux and Mac), or uTorrent for Windows.

Torrent (Fast)
GZIP-compressed (level 9). 4.2 GiB compressed. 15 GiB uncompressed.
HTTP Mirror (Slow)

Checksums (crackstation.txt.gz)

Smaller Wordlist (Human Passwords Only)

I got some requests for a wordlist with just the 'real human' passwords leakedfrom various website databases. This smaller list contains just those passwords.There are about 64 million passwords in this list!

Torrent (Fast)
GZIP-compressed. 247 MiB compressed. 684 MiB uncompressed.
HTTP Mirror (Slow)
Password the game word list generator

Checksums (crackstation-human-only.txt.gz)

Sharing and Licensing

You are allowed to share these lists! They are both licensed underthe CreativeCommons Attribution-ShareAlike 3.0 license. If you do share them, I wouldappreciate it if you included a link to this page.

Is it actually safe to use Password Checkers?

If you’re reading this section, then good – the quickest way to get hacked online is to be too trusting or assume websites are automatically safe. It’s good to be cautious and it’s never a good idea to enter your legitimate credentials into any website you are not confident about. The ones to watch especially are those who ask you to input your credentials.

So, why is this Password Strength Meter safe?

Password the game word list game
  • The passwords you type never leave your browser and we don’t store them (You can disconnect your internet connection and then try it if you wish)
  • All the checking is done on the page you’re on, not on our servers
  • Even if the password was sent to us, we wouldn’t actually know who you were anyway – so couldn’t match it up to any usernames or any websites you may visit
  • We’re in the business of making people more secure online and the last thing we want to see is passwords being transmitted across the internet insecurely.

How does My1Login's Password Strength Checker work?

  • The password strength calculator uses a variety of techniques to check how strong a password is. It uses common password dictionaries, regular dictionaries, first name and last name dictionaries and others. It also performs substitution attacks on these common words and names, replacing letters with numbers and symbols – for example it’ll replace A’s with 4’s and @’s, E’s with 3’s, I’s with 1’s and !’s and many more. Substitution is very typical by people who think they’re making passwords stronger – hackers know this though so it’s one of the first things hacking software uses to crack a password
  • The password strength meter checks for sequences of characters being used such as '12345' or '67890'
  • It even checks for proximity of characters on the keyboard such as 'qwert' or 'asdf'.

Common mistakes and misconceptions

  • Replacing letters with digits and symbols. This technique is well known to hackers so swapping an 'E' for a '3' or a '5' for a '$' doesn't make you much more secure
  • That meeting the minimum requirements for a password makes it strong. By today's standards, an 8-character password won't make you very secure
  • That it’s fine to use the same password a lot as long as it’s strong – what if the website is hacked? Do you know how the website stores your password? What if they store it in plaintext?

Guilty

  • Weak practices – storing passwords in the notes field on your phone, does it auto sync to the cloud, iCloud or Dropbox
  • Putting them in a spreadsheet, even password protecting a spreadsheet doesn’t keep the information safe. Check out our blog on this and other security subjects.

What makes a strong password?

A strong password is one that’s either not easily guessed or not easily brute forced. To make it not easily guessed it can’t be a simple word, to make it not easily cracked it needs to be long and complex. Super computers can go through billions of attempts per second to guess a password. Try to make your passwords a minimum of 14 characters.

Passphrase

A passphrase is simply a password, that’s longer, it could be a sentence, with spaces and punctuation in it. The benefit of a passphrase is that typically they’re easier to remember, but more difficult to crack due to their length. For every additional character in the length of a password or passphrase, the time it would take to break increases exponentially. Ultimately that means that having a long password or passphrase can make you far more secure than having a short one with some symbols or numbers in it.

List Of Password Clues

Your free guide to protect your business from being hacked