rockyou.txt: the history of the world's most famous wordlist (2026)
rockyou.txt was born from a 2009 breach where 32 million passwords were stored in plaintext. It became the default pentest wordlist for a decade — but weakpass.com's 2026 rankings show it's no longer top-tier. Smaller, curated cuts (rockyou-65.txt) and continuously-refreshed 'found in the wild' lists from hashmob.net now outrank the original and its billion-entry sequels rockyou2021.txt and rockyou2024.txt.