According to Calin, the second most common password is 123456789. Both passwords, 123456 and 123456789, were among the most common used by the victims who fell prey to the phising scam. Of the 9,843 valid passwords he found, 82 of them used one of these two combinations.