Millions of stolen Last.fm passwords have been decrypted. These are the top 50

I wonder how much passwords like "lastfm", "music" and "abcdefg123" are an indication of people just being bad with security, as opposed to people just not giving a damn... Amid the overflow of trivial sites requiring more and more login details, is there really a value in having strong passwords? Personally, I mostly don't care; I have strong passwords for important sites (banks, online stores that have my credit card details), but for the rest of logins, I use pretty trivial passwords - if someone "steals" my account, I'll just create another one!

I feel like this is misleading without the % share of the total. These top 50 represent 2.7% of the total. OK, that sounds bad, but I&#x27;m not really sure how to interpret it.<p>Even if we get better at this, the top passwords will still be these, they&#x27;ll just be lower as a % of the total. So until we have 100% unique passwords, this story will always be there, which just seems lazy.

If you follow the link in the article to leakedsource.com, it says:<p><pre><code> Passwords were stored using unsalted MD5 hashing. </code></pre> It&#x27;s 2016... why is this still happening?

This has been my go-to for passwords for awhile. Top 100, 500, 1000, etc all the way to millions. <a href="https:&#x2F;&#x2F;github.com&#x2F;danielmiessler&#x2F;SecLists&#x2F;tree&#x2F;master&#x2F;Passwords" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;danielmiessler&#x2F;SecLists&#x2F;tree&#x2F;master&#x2F;Passw...</a>

I do hobby research into password guessing entropy and I&#x27;d love to get ahold of these lists of in-the-wild passwords. Is there any good source for such things? I don&#x27;t need usernames, just &quot;real&quot; passwords (with frequency data if I can get it).