I've been thinking about ways to focus brute forcing dictionary attacks on passwords and passphrases based on the assumption that certain words, combinations of letters, and combinations of words are more common in passwords and passphrases than in general text.
In combinatorial dictionary attacks it seems to make sense to check more combinations using high frequency words (or ngrams) than the rest of the dictionary.
I gather there are lists of the most common passwords out there but are there also lists of most common words or ngrams known to be used in passwords and passphrases?