Poor passwords place internet users at risk. (Duncan Alfreds, Fin24)
Cape Town - The excitement generated by the new Star Wars movie has convinced fans to use the name as their password, marking it as a new entrant into the 2017 list of worst passwords in the world.
Star Wars: The Last Jedi opened in US theatres recently and the password "starwars" jumped into the list of five million leaked passwords, according to security firm SplashData.
The company produces an annual list of the worst passwords in an effort to educate internet users to increase their security, and explained why using simple passwords is a risk.
"Hackers are using common terms from pop culture and sports to break into accounts online because they know many people are using those easy-to-remember words," said SplashData CEO Morgan Slain.
For the fourth year in a row, "123456" is the top password and even though some people change the term with alternative characters, it remains one of the most dangerous passwords.
"Hackers know your tricks, and merely tweaking an easily guessable password does not make it secure," said Slain.
"Our hope is that our Worst Passwords of the Year list will cause people to take steps to protect themselves online."
SplashData advised internet users to use different passwords for sites that they access, and to change them often.
It is better to use a phrase consisting of at least eight characters containing numbers, letters and symbols than a simple word, birthday, or address.
Once hackers discover one of your passwords, they will use that one to check whether it will unlock other sites that you use.
South African banks regularly warn users of the latest scams on the relevant websites but phishing emails - emails which purport to be from financial institutions - are still a favourite among cyber criminals.
According to the IBM Threat Intelligence Index 2017 report, email is still the most popular delivery vehicle for malware, with almost half of spam messages containing a malware application.
The Symantec 2017 Internet Security Threat Report found that fake invoicing is still the most popular phishing lure, making up 26% of all phishing emails, following by documents at 13% and scans at 12%.
A study by Verizon partners found that 23% of people opened phishing emails and 11% opened attachments which can leave them vulnerable to a cyber-attack.
Here is the list of the worst passwords of 2017 as well as their change in position from 2016:
Change in ranking