000000 000001 000002 ... 999999 Theoretically, a complete 6-digit OTP wordlist contains (from 000000 to 999999). The size of such a plain text file is approximately 7.6 MB (uncompressed) – relatively small by modern computing standards.
Thus, a free wordlist is only useful in – e.g., you have extracted a hashed OTP from a database and want to crack it offline using hashcat or John the Ripper. Where to Legally Obtain or Generate a 6 Digit OTP Wordlist Free If you still need a wordlist for legitimate testing on your own systems, here are safe, legal methods: Method 1: Generate It Yourself (Recommended) Use the seq command on Linux/macOS or a simple Python script. 6 digit otp wordlist free
seq -f "%06g" 0 999999 > 6-digit-otp-wordlist.txt 000000 000001 000002
with open('otp_wordlist.txt', 'w') as f: for i in range(1000000): f.write(f"i:06d\n") This creates a complete 6-digit OTP wordlist free of malware or backdoors. SecLists is the standard for penetration testing wordlists. It includes a file called six-digit-pin-codes.txt (often a subset or common patterns). You can find it at: https://github.com/danielmiessler/SecLists/tree/master/Passwords Thus, a free wordlist is only useful in – e
| Rank | Code | Reason | |------|--------|----------------------------------| | 1 | 123456 | Sequential pattern | | 2 | 111111 | Repeated digit | | 3 | 000000 | All zeros | | 4 | 123123 | Repeated pattern | | 5 | 112233 | Stepped pattern | | 6 | 789012 | End of row on keypad | | 7 | 654321 | Reverse sequential | | 8-20 | Birthdays (e.g., 010190) | MMDDYY format |
# Generate all MMDDYY combinations (birthdays) for month in range(1,13): for day in range(1,32): for year in range(0,100): print(f"month:02dday:02dyear:02d") If you have a legitimate target (your own lab or authorized test), here are tools that can use your free wordlist: 1. Hydra (Network Login Brute-Forcing) hydra -l username -P 6digit.txt target.com http-post-form "/login:user=^USER^&pass=^PASS^:F=incorrect" 2. Burp Suite Intruder Load your wordlist as a payload position in the OTP field. Use attack mode “Sniper”. This is ideal for testing rate limits. 3. Ncrack (RDP, SSH, Telnet) ncrack -p 3389 --user admin -P 6digit.txt target-ip 4. Hashcat (Offline Cracking) For a 6-digit OTP hash (e.g., from a stolen database):
Note: This is not the full 1M list but a curated list of ~10,000 likely PINs (e.g., birthdays, repeating digits). Instead of a wordlist, use a mask in Hashcat: