Specops Software marked World Password Day and #StarWarsDay 2023 by examining the prevalence of Star Wars-related terms in breached passwords. Specops conducted its research by sifting through over 800 million passwords known to have been breached and found that the term ‘Solo’ was the most popular password associated with Star Wars, appearing in over 240,000 breached passwords. The second most commonly-used Star Wars term was ‘Boba’, followed by ‘Leia’, ‘Yoda’, ‘Vader’, ‘Skywalker’, and ‘Obiwan’. The term ‘starwars’ also appeared in the list of breached passwords, coming in at 11th place. Specops underlined the risk of using similar passwords, which were seen as low risk, high yield targets for cybercriminals by experts.
While it is impossible to know the reason behind a password choice, users often opt for passwords that are memorable, like their favorite Star Wars character, as the franchise is so popular and beloved by fans of all ages. However, using commonly known terms or phrases for passwords, like Star Wars-related terms, or popular World Cup players, is seen as a risk, as the passwords can frequently appear on leaked lists on the dark web. Cybercriminals then use the passwords in attacks aimed at gaining unauthorised access to user accounts and networks.
Specialist at Specops Software, Darren James, emphasised the importance of choosing secure passwords and using software like Specops Breached Password Protection to keep passwords safe. “Even if you belong to a clan of Mandalorians it’s not going to save you from breached passwords, so make sure you use a solution like Specops Breached Password Protection in your environment—this is the way!” he warned.
In conclusion, while it’s understandable for users to choose passwords based on their favourite Star Wars characters, it’s important to bear in mind the possible risk posed by cybercriminals who can easily guess weak passwords. Thus, users are advised to choose passwords that are more complex, memorable, and difficult to guess, in order to maintain their digital security.