News like the release of RockYou2021 is a great reminder to check and rotate passwords, whether they appear on sites such as haveibeenpwned or similar. Defenders can make use of compiled password lists such as RockYou or COMB to check user-created passwords and ensure that no account is using a password that appears in the list that attackers could easily guess. Password sharing and simplicity is still all too common and a major threat to enterprise and personal security. There are services such as Bitwarden and 1Password to help users create and store unique and strong passwords. Wired has put out a great article detailing some of the best password manager options in 2021. A password with at least 12 characters and numbers, using the first letter of each word in a phrase, is a good start if opting out of the use of a password manager. However, re-using the same password across multiple sites or services is still risky regardless of the strength of the password, because a breach of one site can result in compromise of accounts across all the services.

https://cybernews.com/security/rockyou2021-alltime-largest-password-compilation-leaked/