It is no secret that people tend to be lazy. There is no better demonstration of this fact than people’s password selection. This presentation will discuss trends and common unique passwords that have been identified from analyzing tens of thousands of accounts and passwords in use in today’s corporate environments. This is not password analysis of the lame public breaches of some unheard of websites. The passwords were obtained by real penetration assessments and the passwords are what corporate users believe are secure passwords. This will highlight the different types of passwords users choose when faced with varying complexity requirements. Chris Murrey and Jake Garlie put this knowledge to use in every penetration test and have had phenomenal success in breaking in to a wide variety of organizations.