New analysis of leaked login data has revealed which movie titles most frequently feature in passwords.
Specops trawled through more than 800 million breached passwords to determine which big-screen hits were favored by users. The selection was a subset of a list of 2 billion passwords that have appeared in breached lists.
Topping the list was the sports drama Rocky, written by and starring Sylvester Stallone as a kind-hearted working class Italian-American boxer who dreams of fighting his way out of Philadelphia’s slums.
Rocky, which was released in 1976 and went on to spawn eight sequels, was used as a password nearly 96,000 times.
Trailing close behind was 1991 American fantasy swashbuckler adventure movie Hook, which showed up in over 75,000 breached password lists. Directed by Steven Spielberg, the film stars Robin Williams as Peter Pan, Dustin Hoffman as Captain Hook, Julia Roberts as Tinker Bell, Bob Hoskins as Mr. Smee, and Maggie Smith as Granny Wendy.
Taking the number three spot with 50,000 uses was The Matrix. Released in 1999, the science fiction action movie starred Keanu Reeves as computer programmer and cybercriminal Neo.
Superhero movies Batman, Superman, Spider-man, X-men, and Iron Man took the fourth, sixth, eleventh, thirteenth, and fourteenth spots, respectively, while Alfred Hitchcock’s 1960 American psychological horror thriller Psycho came in at number five.
Children’s movies were also popular, with Frozen scooping the number 12 spot and Shrek taking number 16. While no romantic comedies made it onto the list, epically long romantic disaster movie Titanic beat Terminator to the number 19 spot.
“While we present this breached password list in good humor, what shouldn’t be taken lightly is the negative impact that weak and compromised passwords can have on an organization’s cybersecurity risk,” said Specops.
“Passwords that show up on breached password lists can leave enterprise email, apps, servers and devices vulnerable to the unauthorized access needed to initiate a cyberattack.”
Password guidelines issued by the National Institute of Standards and Technology (NIST) call for a strict eight-character minimum length. NIST also recommends the use of multi-factor authentication to secure any personal information available online.