Penetration Testing mailing list archives

Online commonly used password database

From: Mike Shaw <mshaw () wwisp com>
Date: Mon, 11 Mar 2002 17:20:32 -0600

Does anyone know of a commonly used password database? I know that dictionaries and password list files abound. But what I'm thinking of is a central Big-Ol'(tm) database of passwords that's constantly being updated with everyone doing pen-test crack sessions out there. The site would produce a daily file comprising all the passwords in the list.

Why? Everyone on this list has seen "qwerty12345" and the like out there. But what about "qwerty>12345"? Yet it's a safe bet that that password has been used by at least a few people in the entire history of passwords. The ultimate goal would be to crack the "monkeys with typewriters" algorithm of password generation by securing the most common things that the brain comes up with--even down to the level of commonly used two-letter combinations (note that this would be different than the standard cryptographic techniques because people choose passwords differently). But in the short term it would just be cool to have a centralized list to pool efforts.

Of course, there would be security problems with what was submitted. Something such as a password of "xyzcorpxyzcorp" would obviously be a hazard since there is only one xyzcorp out there, so some discretion would have to be exercised by the submitter. One option would be to not have passwords "activated" in the downloadable password list unless 2 instances of it occurred.

Of course I could be barking up a well-worn tree. In that case I'd like to see what work has been done in this area.
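
The "activate only after 2 instances" safeguard proposed above, sketched as an added example that is not part of the original post. It assumes submitters are identified and counts distinct submitters rather than raw submissions, which goes one step beyond the post so that a single engagement cannot activate its own client-specific password; the class, function and submitter names are hypothetical and the sample data is constructed.

```python
from collections import defaultdict

ACTIVATION_THRESHOLD = 2  # the post's "2 instances" rule


class SubmissionPool:
    """Pools submitted passwords; releases only those seen independently."""

    def __init__(self, threshold=ACTIVATION_THRESHOLD):
        self.threshold = threshold
        # password -> set of submitter ids (assumption: submitters are identified)
        self._seen = defaultdict(set)

    def submit(self, submitter_id, passwords):
        # Repeats from the same submitter collapse into one instance.
        for pw in passwords:
            self._seen[pw].add(submitter_id)

    def active(self):
        """Entries for the downloadable list, most widely seen first."""
        rows = [(pw, len(ids)) for pw, ids in self._seen.items()
                if len(ids) >= self.threshold]
        return [pw for pw, _ in sorted(rows, key=lambda r: (-r[1], r[0]))]

    def withheld(self):
        """Entries kept out of the download because too few sources saw them."""
        return sorted(pw for pw, ids in self._seen.items()
                      if len(ids) < self.threshold)


def demo():
    pool = SubmissionPool()
    # Constructed sample submissions from three hypothetical testers.
    pool.submit("tester-a", ["qwerty12345", "xyzcorpxyzcorp", "xyzcorpxyzcorp"])
    pool.submit("tester-b", ["qwerty12345", "qwerty>12345"])
    pool.submit("tester-c", ["qwerty>12345", "qwerty12345"])
    return pool.active(), pool.withheld()


if __name__ == "__main__":
    print(demo())
```

The organization-specific entry stays withheld even though one tester submitted it twice, while the two generic passwords are released.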

