for about 80% of protected home networks i’ve accessed the password ends up being someone in the home’s phone number.. not sure if it’s just because it’s often the only 8+ character string of numbers people readily have memorized or if it’s just lazy isp’s that set it that way (and lazy owners who never change it afterwards)..?
Yep, in public compromises of large sets of WPA passphrases, more than 50% of them are phone numbers. This is why we offer a CloudCracker dictionary which includes every valid NANP number in it: https://www.cloudcracker.com/dictionaries.html