We inspected the best in class Intra-Site Password Reuses (ISPR) and Cross-Site Password Reuses (CSPR) in view of the spilled passwords from the greatest Internet client gathering. With an accumulation of around 70 million genuine web passwords crosswise over four expansive sites in China, we acquired around 4.6 million unmistakable clients who have numerous records on a similar website or crosswise over various sites. We found that for the clients with numerous records in a solitary site reused their passwords and for the clients with different records on various sites reused their passwords crosswise over sites. For the clients that have numerous records however extraordinary passwords, the arrangement of passwords of a similar client displays designs that can help password speculating: a released feeble secret key uncovers halfway data of a solid one, which corrupts the quality of the solid one.

R. Morris and K. Thompson, “Password security: A case history,” Communications of the ACM, vol. 22(11), pp. 594–597, 1979.

A. Das, J. Bonneau, M. Caesar, N. Borisov, and X. Wang, “The tangled web of password reuse,” in NDSS’2014, 2014.

D. Florencio and C. Herley, “A large-scale study of web password habits,” in WWW’07 Proceedings of the 16th international conference on World Wide Web, 2007, pp. 657–666.

CSDN, http://www.csdn.net/company/about.html.

Tianya, http://help.tianya.cn/about/history/2011/06/02/ 166666.shtml.

Duduniu, “http://baike.baidu.com/view/1557125.htm.”

7k7k, http://www.7k7k.com/html/about.htm.

J. Bonneau, “The science of guessing: Analyzing an anonymized corpus of 70 million passwords,” in 2012 IEEE Symposium on Security and Privacy (SP), 2012, pp. 538–552.

J. Ma, W. Yang, M. Luo, and N. LI, “A study of probabilistic password models,” in Proceedings of IEEE Symposium on Security & Privacy, 2014.

Z. Li, W. Han, and W. Xu, “A large-scale empirical analysis of chinese web passwords,” in 23rd Usenix Security Symposium. San Diego: USENIX, 2014.

D. Wang, H. Cheng, Q. Gu, and P. Wang, “Understanding passwords of chineseusers:characteristics, security and implications,” https://www.researchgate.net/, July 2014.

D. Schweitzer, J. Boleng, C. Hughes, and L. Murphy, “Visualizing keyboard pattern passwords,” in Visualization for Cyber Security, 2009. VizSec 2009. 6th International Workshop on. IEEE, 2009, pp. 69–73.

Wikipedia, “Levenshtein distance,” http://en.wikipedia.org/wiki/Levenshtein distance, May 2014.

——, “Longest common subsequence problem,” http://en.wikipedia.org/wiki/Longest common subsequence, May 2014.

J. the Ripper, “John the ripper password cracker,” http://www.openwall.com/john/, May 2014.