To celebrate World Password Day and #StarWarsDay 2023, Specops Software released findings which observed the commonality of passwords that contained a likely Star Wars character or related term within a password.
According to the research by Specops, which analysed over 800 million known breached passwords (a subset of a larger list included within its Breached Password Protection list of over 3 billion passwords), it was found that ‘Solo’, possibly in reference to iconic Harrison Ford character Han Solo, was top of the list of most popular Star Wars related words. In total, Solo appeared within breached passwords over 240,000 times.
Second on the list was Boba (possibly referring to Boba Fett), which was found in over 160k breached passwords. The list also includes ‘Leia’ (no.3), ‘Yoda’ (no. 5), ‘Vader’ (no. 9), ‘Skywalker’ (no. 17), and ‘Obiwan’ (no.20).
Unsurprisingly, the phrase ‘starwars’ also featured among the list, in 11th place. The whole list can be read here.
While it is impossible to know the reason behind a password choice, there’s a high probability that the user has intent to base it on someone or something memorable, like their favourite Star Wars character. This is especially true given the popularity of the franchise among fans of all ages.
Using commonly known terms or phrases for passwords, like your favourite Star Wars character (as above) or popular World Cup players, is seen as low risk, high yield for cybercriminals, as the passwords frequently appear on leaked lists on the dark web and are then used in attacks to gain unauthorised access to user accounts and networks.
Darren James, Product Specialist at Specops Software, said:
“After recently visiting the Galaxy’s Edge Florida, joining the Resistance and Flying the Falcon it’s easy to understand how a ‘galaxy far far away’ can inspire so many people’s password choices, however even a clan of Mandalorians isn’t going to save you from breached passwords, so make sure that you use a solution like Specops Breached Password Protection in your environment—this is the way!”
At the IT Security Guru we’ve been celebrating World Password Day. You can read expert insight here.