May The Force stay far far away from your AD #StarWarsDay

It’s back and better than ever! We’re celebrating #StarWarsDay with an updated list of the most used Star Wars themed passwords that top the Specops Breached Password Protection list.

The Specops Breached Password Protection database includes the HaveIBeenPwned list, the latest Collection lists, as well as thousands of other known leaked lists, as recommended by regulatory bodies such as NIST, CMMC, NCSC and more. In addition to known breaches, our research team also actively monitors passwords being used in real password spray attacks happening right now via a network of honeypots updated daily to ensure end-users are blocked from choosing compromised passwords. 

There are more than 4 billion unique passwords in the Specops Breached Password Protection database—this latest Star Wars password data comes from a subset of that data containing more than 800 million known breached passwords.

So, what are the ever-so-popular but mightily dangerous Star Wars themed passwords topping the list? Here are the top 20 you’ll want to keep out of your credentials and on your block lists.

Top 20 Star Wars themed words found in breached passwords

  1. solo
  2. boba
  3. leia
  4. jedi
  5. yoda
  6. kylo
  7. sith
  8. hoth
  9. vader
  10. endor
  11. starwars
  12. ewok
  13. naboo
  14. eadu
  15. jabba
  16. reeves
  17. skywalker
  18. koska
  19. visions
  20. obiwan
storm trooper
On the Dark Side? Check your Active Directory for Breached Passwords

Fan favorite Solo topped the charts at #1and appeared in over 240k breached passwords, whether strictly Star Wars related it’s hard to say, but this particular non-jedi lucked into the top spot. Boba was a close second—either Fett or tea—this trendy term was prevalent in compromised passwords with over 160k instances found. The root words here in the top 20 are a good reminder to stick to totally random passphrases for your passwords, this is not the place to celebrate your fandom.

“After recently visiting the Galaxy’s Edge Florida, joining the Resistance and Flying the Falcon it’s easy to understand how a ‘galaxy far far away’ can inspire so many people’s password choices,” said Darren James, Senior Product Manager at Specops Software who has a Death Star clock in his office. “However even a clan of Mandalorians isn’t going to save you from breached passwords, so make sure that you use a solution like Specops Breached Password Protection in your environment—this is the way!”

Darren James Specops Product Specialist outside of Galaxy Edge in Florida
Darren James, Senior Product Manager at Specops, geeking out at Star Wars: Galaxy’s Edge at Walt Disney World

Luckily, you don’t need the Force to keep these passwords out of your Active Directory, Breached Password Protection works together with Specops Password Policy so that companies can block all passwords found on the list of over 4 billion unique compromised passwords, including these popular Star Wars terms. The service blocks people from choosing banned passwords in Active Directory and informs the user as to why they cannot use the password, plus it’s easy to comply with industry regulations, such as NIST or Cyber Essentials.

(Last updated on May 3, 2023)

Back to Blog

Related Articles

  • The Force won’t save you from these breached passwords #StarWarsDay

    If your colleagues are Star Wars fans, they might be at risk for breached password use. On May the 4th, the unofficial Star Wars fandom holiday, Specops Software investigated which Star Wars themed passwords were most popular in breached password lists. This new research also coincides with the latest update to the Specops Breached Password…

    Read More
  • And the Award for Most Popular Movie Used in Passwords Goes to…

    A couple of weeks ago, we revealed the top Major League Baseball team names that are a homerun for hackers in conjunction with Opening Day. With the Oscars just around the corner, we’re refreshing our list to share the top movie titles used in leaked passwords. While the entertainment community and film fans worldwide wait…

    Read More
  • Not Even Superheroes Have the Power to Stay Off of Breached Password Lists

    Batman or Spiderman? Superman or Thor? Flash or Falcon? The infatuation with and intense debate over Marvel and DC superhero and villain supremacy among comic book aficionados is a year-round musing, but always intensifies during the summer months when the latest flick hits the Big Screen.   In conjunction with the new Loki (Marvel) series now streaming on Disney Plus, and with the…

    Read More