by qingcharles 758 days ago
I used to be lead dev for a big streaming site with >2m users and, well, no judgment here please, but the passwords were plaintext in the database.

So me and another dev ran a SQL script to see what the most common were.

  #1 was trustno1
  #2 was password
  #3 was 1234

We had no password rules either, so IIRC you could have a 1-char password.

I always like Brian Kernighan's password "/.,/.," [1]. If you're going for a stupid password anyway, might as well make it easy to type. "password" is not particularly nice to type; I wonder why "asdf" is not generally more popular.

[1] https://arstechnica.com/information-technology/2019/10/forum...

asdf and qwerty were up there in the top 10 I think. This was just prior to the days of SQL injection and I'm 100% sure you could have erased our entire production DB with a really "strong" password.