Common Passwords
Mayank Kumar Prajapati
Cyber Security Professional || CAWASP || CARTP || CRTP || CCNA || Security+ || AZ-500
We tend to forget our passwords, which is why we choose simple or common passwords that are easy to remember. Most of the time these passwords contain common English words. This is where an attacker or adversary takes advantage, using a file that contains all the common passwords against you. We usually refer to this file as a dictionary file. One of the common dictionaries, used by every attacker or penetration tester, is 'rockyou.txt'. This file comes with the Linux operating system by default. If we want to confirm whether the password we are using is present in this dictionary file, we can use the command given below.
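> grep -Fx -- 'YOUR_PASSWORD' /usr/share/wordlists/rockyou.txt
The -F option makes grep treat the password as a literal string rather than a regular expression, and -x matches only a whole line, so characters such as '.', '$' or '*' in the password cannot cause a false match. If this returns your password, then your password is not safe or secure; in other words, it is not complex enough.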
However, a password that does not appear in the rockyou.txt dictionary file is not guaranteed to be unhackable: there are various tools and utilities available that help an attacker create a custom dictionary file specific to their target. Still, it's better to make your password more complex and a headache for the bad guys ;)
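The wordlist check described above can also be run without typing the password on the command line, where it would land in shell history and be visible in the process list. The script below is an added example, not part of the original article; the function name `in_wordlist`, the `--prompt` switch and the `WORDLIST` variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): wordlist check that keeps the
# password out of shell history and out of the process list.

# Path used in the article; override with WORDLIST=/path/to/list (assumption:
# the file is an uncompressed text file with one password per line).
WORDLIST="${WORDLIST:-/usr/share/wordlists/rockyou.txt}"

# in_wordlist PASSWORD FILE
# Exit status: 0 = exact whole-line match, 1 = not listed, 2 = bad input/file.
in_wordlist() {
    [ -n "$1" ] || return 2      # an empty pattern would match blank lines
    [ -r "$2" ] || return 2      # wordlist missing or unreadable
    # printf is a builtin in bash and dash, so the password never appears in argv.
    # -f - : read the pattern from stdin   -F : literal string, not a regex
    # -x   : must match the whole line     -q : print nothing, status only
    # -a + LC_ALL=C : wordlists often hold non-UTF-8 bytes; treat them as text
    printf '%s\n' "$1" | LC_ALL=C grep -a -F -x -q -f - -- "$2"
}

# Interactive use: sh check_pw.sh --prompt   (script name is hypothetical)
if [ "${1:-}" = "--prompt" ]; then
    printf 'Password to check: ' >&2
    stty -echo; IFS= read -r pw; stty echo; echo >&2   # no echo while typing
    rc=0; in_wordlist "$pw" "$WORDLIST" || rc=$?
    unset pw
    case "$rc" in
        0) echo "LISTED: this password is in $WORDLIST, change it" ;;
        1) echo "Not listed (this alone does not make it strong)" ;;
        *) echo "Could not check: empty input or unreadable $WORDLIST" >&2 ;;
    esac
    exit "$rc"
fi
```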