"We do not (yet) have the keys Adobe used to encrypt the passwords of 130,324,429 users affected by their most recent breach. However, thanks to Adobe choosing symmetric key encryption over hashing, selecting ECB mode, and using the same key for every password, combined with a large number of known plaintexts and the generosity of users who flat-out gave us their password in their password hint, this is not preventing us from presenting you with this list of the top 100 passwords selected by Adobe users," Gosney wrote.
According to the Top 100 list, nearly 1.9 million accounts used '123456' as their password, with more than 440,000 accounts opting to go with '123456789' instead. After that, 'password,' 'adobe123,' and '12345678,' rounded out the top five.
Based on the list, many of the accounts exposed during the breach likely used a throwaway password, on the basis that their Adobe account wasn't important. However, people are creatures of habit, and the fear is that password recycling could be an issue given that email addresses were also exposed.
If you'd like to check and see if your email address is in the list of compromised Adobe data currently circulating online, you can go here to do so. As a rule, if your email was exposed, change your passwords and be skeptical of any communications referencing the Adobe breach.