KnowBe4 - 86% Of Passwords Are Terrible And Employees Reuse Them All The Time

Troy Hunt, the founder of Haveibeenpwned came out with some brand new numbers that show there's bad news and there's more bad news.

A few months ago he launched V2 of his Pwned Passwords list (half a billion of them) and the idea is to make them into a blacklist, as per the recent NIST guidance:

When processing requests to establish and change memorized secrets, verifiers SHALL compare the prospective secrets against a list that contains values known to be commonly-used, expected, or compromised.


from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/86-of-passwords-are-terrible-and-employees-reuse-them-all-the-time