[jcrawfordor]

I regularly use hunter2 as the example or test value for passwords/keys. I wonder how many other people do this, and how many times it's accidentally leaked into production...

[Camillo]

It is a pretty good password. Just "hunter" is no good because it has no digits, so of course you'd add a "1"... but wait! It's actually a 2! That's the pro security twist the hackers won't expect.

[Buttons840]

It will take twice as long to crack, because hackers will have to try all letter combinations ending in 1 first.

[slyall]

I've got the devs using "password123" as the default in code because that value gets over-written.

Freaks me out every time I see it and I'm trying to get them to use "overwritten_on_deploy" or something similar.