Where can I find good dictionaries for dictionary attacks?

Nice list collected by Ron Bowes you can find here:
http://www.skullsecurity.org/wiki/index.php/Passwords.

Other list is from InsidePro:
https://web.archive.org/web/20120207113205/http://www.insidepro.com/eng/download.shtml.


An important one that hasn't been added to the list is the crackstation wordlist

The list contains every wordlist, dictionary, and password database leak that I could find on the internet (and I spent a LOT of time looking). It also contains every word in the Wikipedia databases (pages-articles, retrieved 2010, all languages) as well as lots of books from Project Gutenberg. It also includes the passwords from some low-profile database breaches that were being sold in the underground years ago.

Best thing is, its free, although you can (and should!) make a donation!


Some additional ones to add to those already suggested

  • ftp://ftp.ox.ac.uk/pub/wordlists/ - Lists by language, may be an important point depending on the locations of the users...
  • http://www.openwall.com/passwords/wordlists/ - The openwall project lists.
  • While not strictly a dictionary site (although it does have some) http://sites.google.com/site/reusablesec/Home/presentations-and-papers has some good presentations on improving the performance of password crackers in general and john the ripper in particular