While superheroes protect entire cities from villains in their respective universes, a superhero password might have a hard time preventing account holders from getting hacked, according to a recent Mozilla report.
Mozilla analyzed which superhero-inspired passwords are the easiest to crack, and its report found superhero names at the center of nearly 1 million data breaches.
Some insights into the most commonly leaked superhero passwords:
- For the report, researchers used haveibeenpwned.com, which is a database of more than 320 million passwords that have been exposed.
- Superheroes' alter egos were also commonly breached passwords. Wolverine's real name, James Howlett or Logan, was cracked 30,479 times, Clark Kent was breached 4,919 times and Bruce Wayne was breached 2,267 times.
- Having easily guessable passwords leaves users susceptible to password spraying campaigns, in which a hacker enters many combinations of passwords until one allows them to log in.
Here are the 11 most common superhero passwords and how many times they've been cracked:
1. Superman — 368,397
2. Batman — 226,327
3. Spider-Man— 160,030
4. Wolverine — 53,745
5. Iron Man — 44,175
6. Wonder Woman (tied) — 21,756
7. Daredevil (tied) — 21,756
8. Thor — 7,133
9. Black Widow (tied) — 4,507
10. Black Panther (tied) — 4,507
11. Captain America — 689