A letter from out of the past (December 1987):
I am interested in making a list of the most common passwords chosen by users. I’d like to see if anyone knows of any studies that have been done (I vaguely recall hearing of at least one such study). We are writing a program to check for poor passwords on our systems.
Which drew the following response:
At one time “Susan” was reputed to be the most popular American choice. I recall a British clipping citing dogs’ names as popular passwords. However, since many prudent system managers now insist on randomly generated pronounceable passwords, your study might be dated.
Today, sysadmins and such prefer unpronounceable passwords if at all possible. I’d been online for about three years back in 1987, and I never quite understood the assumed popularity of “Susan” as a password; presumably it was simply a reflection of the fact that it was almost all guys on the wire back then.
Apparently, though, we’re over Susan: this 2008 list of the 500 worst passwords doesn’t mention her at all, and Twitter won’t block a registration using “Susan” as a password, though they’ll block “Angela” and “Samantha.”