“Who you gonna call?” About these compromised passwords [new data]

If your colleagues are Ghostbuster fans, they might be at risk for compromised password use. Ahead of the upcoming Ghostbusters: Afterlife movie release, Specops Software investigated which Ghostbuster-themed passwords were most popular in compromised password lists. This analysis coincides with the latest update to the Specops Breached Password Protection service.

According to our new research, which analyzed more than 800 million breached passwords – a subset of the more than 4 billion compromised passwords in Specops Breached Password Protection – nerdy favorite “Egon” took the #1 spot, showing up on compromised password lists nearly 68,000 times. After that, another fan favorite “Winston” took the number two spot, showing up over 23,000 times.

“You might not be afraid of no ghosts, but you should definitely be afraid of compromised passwords in your organization,” said Darren James, Product Specialist at Specops Software. “Today’s research shows again that popular movies show up in compromised password data.

Top 10 Ghostbuster-Themed Passwords Found in Compromised Password Lists

  1. Egon
  2. Winston
  3. Gozer
  4. Slimer
  5. Zuul
  6. Ghostbusters
  7. Gatekeeper
  8. Keymaster
  9. StayPuft
  10. Venkman

“The reality is that anytime we do pop culture deep dives into compromised password data, we expect to find a lot of results,” continued James. “And that’s because humans use what they know to create passwords. Sadly, hackers know what’s popular and use this against us in password attacks.”

Password attacks are a constant threat for IT departments. Microsoft reports organizations see over 18 billion password attacks in a year – which translates to 579 password attacks every second.

Specops Breached Password Protection can help defend against password attacks by blocking the use of over 4 billion known compromised passwords in Active Directory.

Today’s update includes an addition of over 70 million compromised passwords to the Breached Password Protection Express list, the list used by Specops Password Auditor to help IT departments identify compromised passwords in their Active Directory networks. These passwords include ones found on leaked lists as well as ones found by our research team’s attack monitoring system that makes use of honeypots to discover what passwords are being used in real password spray attacks happening right now.

You can find out how many of your Active Directory users are using compromised passwords like these by running a free read-only scan with Specops Password Auditor. Read more and download Specops Password Auditor.

With Specops Password Policy and Breached Password Protection, companies can block over 4 billion compromised passwords in Active Directory. These compromised passwords include ones used in real attacks today or are on known breached password lists, making it easy to comply with industry regulations such as NIST or NCSC. Our research team’s attack monitoring data collection systems update the service daily and ensure networks are protected from real world password attacks happening right now. The Breached Password Protection service blocks these banned passwords in Active Directory with customizable end-user messaging that helps reduce calls to the service desk.

About Specops Software

Specops Software is the leading provider of password management and authentication solutions. Specops protects your business data by blocking weak passwords and securing user authentication. With a complete portfolio of solutions natively integrated with Active Directory, Specops ensures sensitive data is stored on-premises and in your control. Every day thousands of organizations use Specops Software to protect business data.

Media Contact

Media contact details can be found on this page.

(Last updated on June 15, 2022)

Back to Blog