Study Publisher: Trustwave
Study Date: February 22 2013
Study URL: https://www.trustwave.com/Resources/Global-Security-Report-Archive/

Study Overview:
Trustwave obtained hashed passwords from thousands of network penetration tests performed throughout 2012, mainly from Active Directory servers. Their collection contained nearly 3.1 million passwords. Over 95.52% (approximately 2,961,120) were recovered via password cracking and then analyzed by Trustwave.

Statistics From This Study:

• Common keywords found in cracked corporate passwords (2013)
• Typical lengths of corporate user passwords (2013)
• What are common character sequences or masks of corporate passwords? (2013)
• What are the common characters used in corporate passwords? (2013)