So, out of 188,279 stolen passwords, top ten used passwords were as follows:
We’re really not very surprised at seeing “123456”, “12345678” and “qwerty” sitting in top spots, as most people tend to just be lazy when devising passwords. There’s also the risk of forgetting it so its’s best to use a simple one - we get that. What we really don’t get though is where does “monkey” fit in. (Damn, I've gotta change my password. sub.ed.)
WSJ’s analysis also shows that Gmail and Yahoo email users are more prone to using eight or more characters in their passwords than Microsoft users.
You can find the full analysis here.