Compromised password mitigation
US-9379896-B1 · Jun 28, 2016 · US
US9838384B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-9838384-B1 |
| Application number | US-201414571247-A |
| Country | US |
| Kind code | B1 |
| Filing date | Dec 15, 2014 |
| Priority date | Dec 15, 2014 |
| Publication date | Dec 5, 2017 |
| Grant date | Dec 5, 2017 |
Official abstract text for this publication.
Techniques for marking or flagging an account as potentially being compromised may be provided. Information about the popularity of passwords associated with a plurality of accounts may be maintained. In an example, an account may be marked as potentially being compromised based at least in part on the information about the popularity of passwords and a password included in a request to change the password associated with the account. A notification indicating that an account has been marked as potentially compromised may be generated.
Opening claim text (preview).
What is claimed is:

1. A computer-implemented method, comprising: maintaining, by a computer system, a ranked list indicating frequency of use of passwords for accounts associated with an electronic marketplace, the ranked list maintained in a first data store separate from a second data store of secure passwords for the accounts associated with the electronic marketplace, the ranked list including the passwords that are set for the accounts; receiving a request to set a password for an account associated with the electronic marketplace; selecting a first subset of passwords from the ranked list based at least in part on a type of the account associated with the request and behavior information of users of the accounts; flagging the account as potentially being compromised based at least in part on the frequency of use of the password surpassing the frequency of use of at least one password included in the first subset of passwords of the ranked list within a specified time threshold; and in response to a subsequent request to access the account associated with the electronic marketplace: denying the subsequent request to access the account based at least in part on the account being flagged; and requesting authentication of the account based at least in part on the account being flagged.

2. The computer-implemented method of claim 1, further comprising: identifying a second subset of passwords included in the ranked list, the second subset of passwords determined based at least in part on a threshold that is specified by the electronic marketplace; and flagging the account as potentially being compromised based at least in part on the frequency of use of the password surpassing the frequency of use of the at least one password included in the second subset of passwords.

3. The computer-implemented method of claim 1, further comprising in response to a subsequent request to set the password for the account, denying the subsequent request based at least in part on the account being flagged.

4. The computer-implemented method of claim 1, wherein flagging the account as potentially being compromised is further based at least in part on a sub-string comparison of the password to an individual password included in the ranked list and a match threshold specified by the electronic marketplace.

5. The computer-implemented method of claim 1, further comprising changing the password for the account to a generated password that is not included in the ranked list based at least in part on the account being flagged.

6. A non-transitory computer-readable storage medium storing computer-executable instructions that, when executed by a computer system, configure the computer system to perform operations comprising: maintaining first information about frequency of use of passwords associated with a plurality of accounts, the first information including the passwords that are set for the plurality of accounts and a subset of passwords having a size that is based at least in part on second information associated with the plurality of accounts, the second information indicating a type of account associated with a request to set a password and behavior information of users of the plurality of accounts; and in response to receiving the request to set the password associated with an account of the plurality of accounts: marking the account as potentially being compromised based at least in part on the frequency of use of the password included in the set request surpassing the frequency of use of at least one password included in the first information; in response to the account being marked, identifying parameters associated with the marked account; selecting one or more accounts of the plurality of accounts that have the parameters of the marked account for further investigation; and denying the request to set the password associated with the account based at least in part on marking the account as potentially being compromised.

7. The non-transitory computer-readable storage medium of claim 6, further comprising in response to the account being marked, denying access to the account.

8. The non-transitory computer-readable storage medium of claim 7, further comprising in response to the account being marked, requesting authentication of the account from a user associated with the account.

9. The non-transitory computer-readable storage medium of claim 7, further comprising: in response to a subsequent request to access the account: granting access to a test environment that simulates an environment normally associated with the account but that prohibits actions associated with the account; and obtaining information about the actions performed by the account in the test environment.

10. The non-transitory computer-readable storage medium of claim 6, wherein the first information about the frequency of use of the passwords associated with the plurality of accounts includes metrics which indicate an increase for the frequency of use for an individual password.

11. The non-transitory computer-readable storage medium of claim 6, wherein maintaining the first information about the frequency of use of the passwords associated with the plurality of accounts is updated according to a time threshold, the time threshold determined based at least in part on metrics associated with the plurality of accounts.

12. A computer system, comprising: a hardware processor; and memory including computer-executable instructions that, when executed by the hardware processor, cause the system to at least: maintain frequency of use information about access factors associated with a plurality of accounts, the frequency of use information about the access factors including a frequency of use for authentication information and for password information associated with an individual account of the plurality of accounts, the password information being set for the individual account; and responsive to receiving an indication that access factors are being set for an account of the plurality of accounts: receive the frequency of use information about access factors associated with another plurality of accounts from a third party; mark the account as potentially being compromised based at least in part on a comparison of the frequency of use of the access factors associated with the account and the frequency of use information about the access factors associated with another plurality of accounts from the third party; and deny setting the access factors for the account based at least in part on the account being marked as potentially compromised.

13. The system of claim 12, wherein the computer-executable instructions that, when executed by the hardware processor, cause the system to further prohibit the use of particular authentication information for the account in response to a subsequent login session of the account.

14. The system of claim 12, wherein the computer-executable instructions that, when executed by the hardware processor, cause the system to further prohibit the use of particular password information for the account in response to a subsequent login session of the account.

15. The system of claim 12, wherein the comparison further comprises determining that a first distribution of the frequency of use of the access factors associated with the account is different from a second distribution indicated by the frequency of use information about the access factors associated with the plurality of accounts.

16. The system of claim 15, wherein the password information includes a password for a particular ac
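The flag-and-deny loop of claims 1 and 3, as an added Python example that is not the patent's or any assignee's code: a windowed, ranked password-frequency list kept apart from the credential store, a subset sized by account type, a flag when the requested password is now more popular than at least one subset entry, and denial plus re-authentication for flagged accounts. Keying the list by an HMAC fingerprint instead of plaintext, the per-type subset sizes, the window length and the baseline data are my assumptions, not the claims'.

```python
import hashlib
import hmac
from collections import defaultdict, deque


class PasswordPopularityMonitor:
    """Ranked password-frequency list plus the flag/deny logic of claim 1.

    The ranking store is keyed by an HMAC fingerprint of the password (my
    choice; the claims only require a store separate from the secure
    password store), so it never holds plaintext passwords.
    """

    def __init__(self, secret: bytes, window_seconds: int, subset_size_by_type: dict):
        self.secret = secret
        self.window = window_seconds            # the claim's "specified time threshold"
        self.subset_size = subset_size_by_type  # subset size chosen per account type
        self.events = defaultdict(deque)        # fingerprint -> timestamps of set requests
        self.flagged = set()

    def _fingerprint(self, password: str) -> str:
        return hmac.new(self.secret, password.encode(), hashlib.sha256).hexdigest()

    def _uses_in_window(self, fp: str, now: float) -> int:
        q = self.events[fp]
        while q and q[0] <= now - self.window:  # drop uses older than the window
            q.popleft()
        return len(q)

    def ranked_list(self, now: float):
        """(fingerprint, uses) pairs, most used first; zero-use entries are dropped."""
        counts = ((fp, self._uses_in_window(fp, now)) for fp in list(self.events))
        return sorted((c for c in counts if c[1] > 0), key=lambda c: c[1], reverse=True)

    def set_password(self, account: str, account_type: str, password: str, now: float) -> str:
        if account in self.flagged:
            return "denied"                     # claim 3: flagged accounts cannot set passwords
        fp = self._fingerprint(password)
        uses = self._uses_in_window(fp, now) + 1  # count this request as well
        size = self.subset_size.get(account_type, 1)
        subset = [c for f, c in self.ranked_list(now) if f != fp][:size]
        self.events[fp].append(now)
        # flag when this password is now more popular than at least one subset entry;
        # an empty subset (nothing set inside the window) never flags
        if any(uses > c for c in subset):
            self.flagged.add(account)
            return "flagged"
        return "ok"

    def access(self, account: str) -> str:
        # claim 1: a flagged account is denied and must re-authenticate
        return "denied: re-authentication required" if account in self.flagged else "granted"


def build_demo_monitor() -> PasswordPopularityMonitor:
    """Constructed baseline: four passwords already set by several buyer accounts at t=0."""
    m = PasswordPopularityMonitor(b"constructed-demo-key", 3600, {"seller": 3, "buyer": 1})
    for pw, n in [("winter2014", 5), ("welcome1", 4), ("letmein", 3), ("hunter2", 3)]:
        for i in range(n):
            m.set_password(f"{pw}-acct{i}", "buyer", pw, now=0)
    return m
```

With the seller subset of size 3 the fourth use of "hunter2" surpasses the third-ranked password and is flagged, while a buyer (subset size 1) is only compared against the most popular entry; once the window has elapsed the ranked list is empty and the same password no longer flags.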
Electronic shopping [e-shopping] · CPC title
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
by observing the pattern of computer usage, e.g. typical user behaviour · CPC title