A recent post on Ars Technica provides an interesting look at the strength of passwords.

People seem to be getting the message about using strong passwords, because the worst passwords are being used less frequently. For example, the notoriously bad password ‘123456’ was used in less than 1% of the sample data, down from 8.5% in previous studies.

But while these findings are encouraging, it’s important to recognize that the data is likely skewed, because it is mostly obtained from public dumps of data taken from compromised systems.