Password Reuse Is All Too Common, Research Shows

11.02.2011
A British security researcher has analyzed password data made public by Anonymous group and , and found that many users with accounts at both sites used the same password for their login credentials.

In fact, compared to previous research on the issue, the data suggests .

Password reuse across different Websites represents a risk because all a hacker need do is crack one site to be able to access other sites the individual uses.

The requirement by many Websites that users log in with their e-mail addresses makes password reuse an even more serious issue, because it means the same username is used across multiple sites. In most cases, e-mail addresses are not confidential.

Analyzing the data, researcher Joseph Bonneau found that 456 legitimate e-mail addresses overlapped at both Gawker and rootkit.com. All the passwords were hashed (that is, ), which makes decoding virtually impossible, but Bonneau used rainbow tables to uncover 54 percent of the Gawker passwords and 44 percent of the rootkit.com passwords. of hashed passwords alongside their plain text versions.

A process called salting can make it much harder for a rainbow table attack to decode passwords, but the rootkit.com passwords weren't salted, and the Gawker ones only minimally.
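To make the salting point concrete, here is an added example. It is not part of the original article and is not Bonneau's code. The accounts and candidate list are constructed, bare MD5 is an assumed stand-in for an unsalted scheme, and a plain precomputed lookup table stands in for a rainbow table.

```python
import hashlib
import os

# Constructed sample accounts; nothing here comes from the leaked data sets.
SITE_A = {"ann@example.com": "letmein", "bob@example.com": "qwerty",
          "cy@example.com": "Xk7#pQ9v!m"}
SITE_B = {"ann@example.com": "letmein", "bob@example.com": "monkey",
          "cy@example.com": "Xk7#pQ9v!m"}
CANDIDATES = ["123456", "password", "letmein", "qwerty", "monkey"]

def unsalted(password):
    # Assumed weak scheme for illustration: one bare MD5, no salt.
    return hashlib.md5(password.encode()).hexdigest()

def salted(password, salt):
    # Per-user random salt fed into a slow KDF (PBKDF2-HMAC-SHA256).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000).hex()

def build_table(candidates):
    # Hash -> plaintext lookup, computed once and reusable against any unsalted dump.
    return {unsalted(p): p for p in candidates}

def recover(dump, table):
    # Every stored hash that appears in the table is recovered by a lookup.
    return {email: table[h] for email, h in dump.items() if h in table}

def shared_hashes(dump_a, dump_b):
    # Identical stored values expose reuse even when the password is never recovered.
    return sorted(e for e in dump_a.keys() & dump_b.keys() if dump_a[e] == dump_b[e])

def store(site, scheme):
    # scheme is "unsalted" or "salted". A real salted record keeps the salt
    # beside the hash; it is dropped here because only the hash is compared.
    if scheme == "unsalted":
        return {e: unsalted(p) for e, p in site.items()}
    return {e: salted(p, os.urandom(16)) for e, p in site.items()}

if __name__ == "__main__":
    table = build_table(CANDIDATES)
    for scheme in ("unsalted", "salted"):
        a, b = store(SITE_A, scheme), store(SITE_B, scheme)
        print(scheme, "recovered at A:", recover(a, table))
        print(scheme, "recovered at B:", recover(b, table))
        print(scheme, "same stored value at both sites:", shared_hashes(a, b))
```

With unsalted storage, the strong password on the third account is never recovered, yet its identical hash at both sites still shows that it was reused. Per-user salts remove both the table lookup and that cross-site match.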