SPRINGFIELD, Mo. – The “Barbenheimer” craze has swept the summer box office even to the point that users are using Barbie and Oppenheimer-related passwords, according to a study conducted by NordPass.

After NordPass investigated a huge 4.3TB database of leaked credentials, independent researchers that the company partnered with found over 9 million passwords referencing both Barbie and Oppenheimer.

According to the study, about 6.5 million passwords were found among the leaked credentials, which makes up 71% of all Barbenheimer-related passwords. Most of them consisted of words and phrases like:

  • Robert
  • Oppenheimer
  • Alamos
  • Manhattan
  • Atomic
  • Nuclear
  • Hiroshima
  • Nagasaki

The study found that Barbie-related passwords represented almost 2.7 million user passwords. Users also referenced the cast of the movie such as:

  • Margot
  • Robbie
  • Gosling

“The Barbenheimer case clearly illustrates that cultural events inspire our password choices. Unfortunately, what is trending worldwide in the movie scene is often trending in our passwords. The same logic applies to sports, music, food, and other things people enjoy. Our passwords are predictable, which is the best gift for hackers,” says Gediminas Brencius, the head of product growth at NordPass.

Based on an earlier study by the company, trending releases of movies and shows over the past few years have also been represented in passwords. “Batman” was used 2.6 million times, “euphoria” over 53,000, and “encanto” over 10,000 times.

Most common movie-inspired passwords of all time:

  1. leon
  2. coco
  3. joker
  4. matrix
  5. starwars
  6. spiderman
  7. alien
  8. maverick
  9. psycho
  10. terminator

Brencius said it’s essential to understand that all the passwords revealed in the studies are not meeting the password security requirements. Otherwise, they would have ended up in something other than the leaked password databases.

Here’s how to develop better credentials management habits according to Brencius.

  1. Create long and complex passwords. Any password should comprise at least 20 characters, preferably random combinations of upper and lowercase letters, numbers, and special symbols. While these are often difficult to create and remember, most password managers offer password generators that help in this quest.
  2. Get inspired by movie scripts, not their names. Despite cybersecurity professionals’ warnings, some people still rely on passwords they can remember. In this case, an internet user should aim for a very long password. For instance, they can choose a lesser-known scene from their favorite movie, pick a sentence, and create a very long password out of it.
  3. Never reuse passwords. Each account should have a unique password. Otherwise, a hacker can access other accounts without much effort if they break into one account.
  4. Try passkeys wherever possible. Passkeys, a new method of online authentication, are slowly replacing passwords. This technology is considered the best alternative to passwords to date, and various companies, such as Google, Apple, Microsoft, and PayPal, already allow internet users to reach their accounts with passkeys.