CrackStation's Password Cracking Dictionary

I am releasing CrackStation's main password cracking dictionary (1,493,677,782 words, 15GB) for download.

What's in the list?

The list contains every wordlist, dictionary, and password database leak that I could find on the internet (and I spent a LOT of time looking). It also contains every word in the Wikipedia databases (pages-articles, retrieved 2010, all languages) as well as lots of books from Project Gutenberg. It also includes the passwords from some low-profile database breaches that were being sold in the underground years ago.

The format of the list is a standard text file sorted in non-case-sensitive alphabetical order. Lines are separated with a newline "\n" character.

You can test the list without downloading it by giving SHA256 hashes to the free hash cracker or to @PlzCrack on twitter. Here's a tool for computing hashes easily. Here are the results of cracking LinkedIn's and eHarmony's password hash leaks with the list.

The list is responsible for cracking about 30% of all hashes given to CrackStation's free hash cracker, but that figure should be taken with a grain of salt because some people try hashes of really weak passwords just to test the service, and others try to crack their hashes with other online hash crackers before finding CrackStation. Using the list, we were able to crack 49.98% of one customer's set of 373,000 human password hashes to motivate their move to a better salting scheme.

Step 1: Pay what you want.

The wordlist is being sold using a "pay what you want" model. That means you can pay absolutely any amount of money you want for the wordlist. Even nothing. Use the PayPal donate button, Bitcoin address, or Litecoin address below to make your payment.

How much should I pay?

Think about the following points when deciding how much to pay:

Bitcoin: 1G6PjrYhy5uXPsY1DxirEA3Ahx5EHn5W45

Litecoin: Lg46hm5DY5QT2TU7rUN5yHuGZ2PHqjUb9L

Step 2: Download!

Note: To download the torrents, you will need a torrent client like Transmission (for Linux and Mac), or uTorrent for Windows.

GZIP-compressed (level 9). 4.2 GiB compressed. 15 GiB uncompressed.

Checksums (crackstation.txt.gz)

MD5:    4748a72706ff934a17662446862ca4f8
SHA1:   efa3f5ecbfba03df523418a70871ec59757b6d3f
SHA256: a6dc17d27d0a34f57c989741acdd485b8aee45a6e9796daf8c9435370dc61612

Smaller Wordlist (Human Passwords Only)

I got some requests for a wordlist with just the "real human" passwords leaked from various website databases. This smaller list contains just those passwords. There are about 64 million passwords in this list!

GZIP-compressed. 247 MiB compressed. 684 MiB uncompressed.

Checksums (crackstation-human-only.txt.gz)

MD5:    fbc3ca43230086857aac9b71b588a574
SHA1:   116c5f60b50e80681842b5716be23951925e5ad3
SHA256: 201f8815c71a47d39775304aa422a505fc4cca18493cfaf5a76e608a72920267

Sharing and Licensing

Creative Commons License.

You are allowed to share these lists! They are both licensed under the Creative Commons Attribution-ShareAlike 3.0 license. If you do share them, I would appreciate it if you included a link to this page.