May The Force stay far far away from your AD #StarWarsDay

It’s back and better than ever! We’re celebrating #StarWarsDay with an updated list of the most used Star Wars themed passwords that top the Specops Breached Password Protection list.

The Specops Breached Password Protection database includes the HaveIBeenPwned list, the latest Collection lists, as well as thousands of other known leaked lists, as recommended by regulatory bodies such as NIST, CMMC, NCSC and more. In addition to known breaches, our research team also actively monitors passwords being used in real password spray attacks happening right now via a network of honeypots updated daily to ensure end-users are blocked from choosing compromised passwords. 

There are more than 4 billion unique passwords in the Specops Breached Password Protection database—this latest Star Wars password data comes from a subset of that data containing more than 800 million known breached passwords.

So, what are the ever-so-popular but mightily dangerous Star Wars themed passwords topping the list? Here are the top 20 you’ll want to keep out of your credentials and on your block lists.

Top 20 Star Wars themed words found in breached passwords

1. solo
2. boba
3. leia
4. jedi
5. yoda
6. kylo
7. sith
8. hoth
9. vader
10. endor
11. starwars
12. ewok
13. naboo
14. eadu
15. jabba
16. reeves
17. skywalker
18. koska
19. visions
20. obiwan

On the Dark Side? Check your Active Directory for Breached Passwords

Scan your AD

Fan favorite Solo topped the charts at #1and appeared in over 240k breached passwords, whether strictly Star Wars related it’s hard to say, but this particular non-jedi lucked into the top spot. Boba was a close second—either Fett or tea—this trendy term was prevalent in compromised passwords with over 160k instances found. The root words here in the top 20 are a good reminder to stick to totally random passphrases for your passwords, this is not the place to celebrate your fandom.

“After recently visiting the Galaxy’s Edge Florida, joining the Resistance and Flying the Falcon it’s easy to understand how a ‘galaxy far far away’ can inspire so many people’s password choices,” said Darren James, Senior Product Manager at Specops Software who has a Death Star clock in his office. “However even a clan of Mandalorians isn’t going to save you from breached passwords, so make sure that you use a solution like Specops Breached Password Protection in your environment—this is the way!”

Luckily, you don’t need the Force to keep these passwords out of your Active Directory, Breached Password Protection works together with Specops Password Policy so that companies can block all passwords found on the list of over 4 billion unique compromised passwords, including these popular Star Wars terms. The service blocks people from choosing banned passwords in Active Directory and informs the user as to why they cannot use the password, plus it’s easy to comply with industry regulations, such as NIST or Cyber Essentials.