Star Wars Is (Still) One of the Worst Online Passwords

With the release of The Last Jedi, it seems you can't go more than a few clicks on the internet without running into something related to Star Wars.

Noooooo! Not 'StarWars'! Credit: Lucasfilm

(Image credit: Noooooo! Not 'StarWars'! Credit: Lucasfilm)

Still, no matter how excited you may be about Disney's latest entry in everyone's favorite money-printing space saga, you probably shouldn't incorporate it into your password. SplashData has released its yearly report on the internet's worst passwords, and "starwars" broke the top 20 this time around — although it's still not as dumb as "123456."

This information comes from a SplashData press release, which put together a list of the Worst Passwords of 2017. The top 10 are not even remotely surprising, if you've read a SplashData list before: 123456, password, 12345678, qwerty, 12345, 123456789, letmein, 1234567, football and iloveyou were the most common — and therefore easiest-to-guess — passwords on the 'net.

MORE: Best Password Managers

SplashData's methodology is a little haphazard, but still probably a good starting point. The company analyzed more than five million leaked passwords, which it acquired through records of various data breaches over the past year. The report focuses on the English-speaking communities in North America and Western Europe, and didn't include the infamous Yahoo email breach or breaches from pornographic websites.

The most interesting entry was probably "starwars" in 16th place, although it's by no means the first time the science-fantasy franchise has shown up on a SplashData list. In 2015, "starwars" showed up on the list for the first time, along with "princess" and "solo." Thankfully, the latter two phrases seem to have fallen out of use, but "starwars" has only shot up in the rankings. Also, like last time, "enterprise" was nowhere to be found on the naughty list, so that should settle all of the "Star Wars vs. Star Trek" debates in the latter's favor from now until the end of time.

Interestingly, some of users' favorite passwords were too profane to type in polite company. A rude term for the posterior ranked 34th; a time-honored exclamation of frustration at another person clocked in at 52nd; a feline euphemism for lady parts was 83rd.

Using your name is also apparently a terrible idea when it comes to online passwords. Harley, Robert, Matthew, Jordan, Daniel, Andrew, Andrea, Buster, Joshua, George, Nicole, Hunter, Chelsea, Amanda, Ashley, Jessica, Jennifer, Michelle, William, Maggie, Charlie, and Martin are all among the most easily guessed passwords around.

SplashData's recommendations are nothing new, if you've ever practiced online safety before. The company instructs users to construct passwords from more than 12 characters, with a mix of numbers, letters, and upper- and lower-case characters. Use a different password for each website, and use a password manager to help you generate strong, randomized passwords, if possible.

Best Identity Protection Services

Marshall Honorof

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing background, having studied paleomammalogy, biological anthropology, and the history of science and technology. After hours, you can find him practicing taekwondo or doing deep dives on classic sci-fi.