These are the most commonly used passwords that users all over the world currently use. It is not too hard to generate a better password using multiple combinations of upper and lower case letter and numbers coupled with other characters. This will help you create a proper password that will keep your data safe. Most websites should be encrypting your password in the MySQL database with an MD5 hash. This is not the best level of encryption; but this is better than nothing. Websites that do not encrypt your passwords properly should be avoided, Sony corporation are famous for storing user passwords in plain text; this means that no matter what password you have; it will obviously be worthless. And if you use the same password for other services, then you will be in great trouble. It is better to use a very complex password for any online services like E-Mail and online banking. That will keep you safer than if you are using monkey123 as a password. If someone is using a rainbow table to crack passwords; this password will be cracked in no time. A rainbow table stores all possible combinations of letters and numbers into as many possible passwords as will fit into a sensible file size. They are very good for cracking passwords coupled with software to do the brute force cracking of the password hash.
Linux stores the passwords in a password file and uses Blowfish encryption to store the password hashes. This is a very secure system; previous Linux distributions used the old MD5 encryption but that is deprecated nowadays. Below is an example of the /etc/shadow file on my Linux Mint Debian Edition netbook. This stores the password in this format: user:hash where hash is the Blowfish encrypted hash that contains your user password. This is why Linux is so much better than Windows. The passwords are stored in text files under /etc and everything is easily accessible. If you have ensured that you are actually using a secure enough password, then your system will be a little safer than if you use the password “password” or “password1”. Those passwords would be broken in no time; but a very long and complex password that uses many different characters like this example: “#%#$%$%^BOrT%$%^$^%2757546” would be more difficult to break than the password “security123”. There is software available that can be used to crack passwords on Linux and Windows. John the Ripper is one good example. This is available here: http://www.openwall.com/john/. There is also a new 25 GPU cluster that has been developed that try every password used on a Windows Enterprise network in under six hours.
Read more about this here: http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/. A GPU can crack passwords faster than a CPU as it has much more power for performing mathematical calculations. This means that a SLI GPU system can have a massive amount of power when all the GPUs are working together. It is surprising that password is still a commonly used password. I would have thought that people would have learned by now. If anyone wants to try and crack the root password on my netbook they are welcome.
root:$6$pewWotI6$uCNkYOM6jn8c2ALf.VTvkwgM0MuEXNbtB9mbXTam0jtTYrtPzznBQ1B8OFQew0HREdtctUjQwHstGT8q5ncaG.:15520:0:99999:7::: daemon:*:14825:0:99999:7::: bin:*:14825:0:99999:7::: sys:*:14825:0:99999:7::: sync:*:14825:0:99999:7::: games:*:14825:0:99999:7::: man:*:14825:0:99999:7::: lp:*:14825:0:99999:7::: mail:*:14825:0:99999:7::: news:*:14825:0:99999:7::: uucp:*:14825:0:99999:7::: proxy:*:14825:0:99999:7::: www-data:*:14825:0:99999:7::: backup:*:14825:0:99999:7::: list:*:14825:0:99999:7::: irc:*:14825:0:99999:7::: gnats:*:14825:0:99999:7::: nobody:*:14825:0:99999:7::: libuuid:!:14825:0:99999:7::: Debian-exim:!:14825:0:99999:7::: statd:*:14825:0:99999:7::: messagebus:*:14825:0:99999:7::: avahi:*:14825:0:99999:7::: usbmux:*:14825:0:99999:7::: festival:*:14825:0:99999:7::: haldaemon:*:14836:0:99999:7::: pulse:*:14836:0:99999:7::: saned:*:14836:0:99999:7::: colord:*:15425:0:99999:7::: hplip:*:15425:0:99999:7::: rtkit:*:15425:0:99999:7::: ntp:*:15426:0:99999:7::: mdm:*:15450:0:99999:7::: john:$6$TPTHzabH$JZcvTeTqLy0y9zqpu9VMs9HjgITWUBxt3koo/imgD1tgUwE/IshQRUrelteb7kWZN9h0Bd0bUr.U2GnuSlqDS/:15520:0:99999:7::: lightdm:*:15566:0:99999:7::: timidity:*:15631:0:99999:7::: snort:*:15643:0:99999:7::: mysql:!:15657:0:99999:7:::