 
» 10 October 2009
Common Passwords Still Exposed to Hacker Attacks

A sample of over ten thousand pilfered Live ID login records, posted as a text file on the PasteBin.com developer site, revealed that the most common password used on the World Wide Web is still the guessable "123456", which is about as secure as using the woefully exposed "password" as your password. According to Neil O'Neil, the Logic Group's digital forensics investigator, "123456" appeared on the list a total of sixty-four times.

What's more, there were over eighteen instances of the second most popular password, "123456789". Even though sixty-four instances out of ten thousand may not sound too bad, it shows that a lot of people in general (six thousand four hundred out of a million, or sixty-four thousand out of ten million, for example) are very vulnerable to hacks and identity theft simply because they couldn't be bothered to practice proper password selection.

Even though the owners of PasteBin removed the list long ago, its data can still be retrieved by security researchers and hackers alike, or by most IT-proficient individuals who care enough to track it down. Experts who have analyzed the list intend to turn the gathered information into an easily comprehensible presentation about corporate client password security (or lack thereof).

Because there were a large number of spelling and typographical errors in the secondary data of the PasteBin catalog (mostly in the retrieved emails) available alongside the list of passwords, investigators believe the source of the information was a phishing attack. More to the point, the inventory had all the earmarks of a raw data dump from unsuspecting Hotmail users who were tricked into filling out forms on phisher-developed faux sites impersonating a security check for financial institutions, online payment services, and the like.

The security investigators' further analysis of the collected passwords shows that there were verifiable trends in how they were chosen. For instance, a large percentage of the passwords were dates of birth (a trend that yields poor password strength) or easily deducible ones like "666666" or "ibelongtogod" for deeply religious individuals. People should remember that personal information is more often than not retrievable over the web, so hackers can effortlessly do a "background" check on you and then use that data to hack your accounts.
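The weak-password classes described above (common strings, digit runs, repeated characters, dates of birth) can be screened for when a user sets a password. The following is an added example, not code from the article or from the investigators: the blocklist is constructed from the passwords the article quotes, and the function names are hypothetical.

```python
import re
from datetime import datetime

# Constructed blocklist: only the passwords quoted in the article. A real
# deployment would load a much larger list of breached passwords.
COMMON = {"123456", "123456789", "password", "666666", "ibelongtogod"}

# Day/month/year orderings tried for 8-digit and 6-digit candidates.
DATE_FORMATS = {8: ("%d%m%Y", "%m%d%Y", "%Y%m%d"),
                6: ("%d%m%y", "%m%d%y", "%y%m%d")}


def is_run(pw):
    """True for ascending/descending runs such as 123456 or fedcba."""
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return len(pw) >= 4 and steps in ({1}, {-1})


def is_repeat(pw):
    """True when one character fills the whole password (666666)."""
    return len(pw) >= 4 and len(set(pw)) == 1


def is_date(pw):
    """True when the digits form a valid calendar date, e.g. a birthday."""
    digits = re.sub(r"[-/. ]", "", pw)
    if not digits.isdigit():
        return False
    for fmt in DATE_FORMATS.get(len(digits), ()):
        try:
            parsed = datetime.strptime(digits, fmt)
        except ValueError:
            continue
        if 1900 <= parsed.year <= datetime.now().year:
            return True
    return False


def screen(password):
    """Return the reasons a candidate password should be rejected."""
    pw = password.strip().lower()
    checks = (("common", pw in COMMON), ("run", is_run(pw)),
              ("repeat", is_repeat(pw)), ("date", is_date(pw)))
    return [name for name, hit in checks if hit]


if __name__ == "__main__":
    for sample in ("123456", "666666", "01/02/1985", "ibelongtogod"):
        print(sample, screen(sample))
```

An empty list from `screen` means only that none of these four patterns matched, not that the password is strong.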

 


© Copyright 1999-2012: SecPoint®