We get it. Maybe you revived your childhood obsession with Star Wars. But don’t extend that fandom to your password, or you could end up welcoming in… the dark side. And by that, we mean anyone who happens to look at the list of 2015’s Worst Passwords.

This year’s list from SlapDash uses aggregations of leaked passwords as sample sizes to nail the most popular security phrases in circulation. And as we all know — or should know — popularity is not a good thing when it comes to attackers who may be able to guess their way into your secure information.

The usual favorites are on the list again, including “123456” and “password” holding strong at the top with their positions unchanged from last year, but there are some newcomers joining the rolls that are linked to pop culture, including “starwars” and “solo,” named for one Han Solo.

Here’s the list– check it once, check it twice, and if you’re using any of the combinations or words below, right now is the time to change that:

1. 123456 (Unchanged)
2. password (Unchanged)
3. 12345678 (Up 1)
4. qwerty (Up 1)
5. 12345 (Down 2)
6. 123456789 (Unchanged)
7. football (Up 3)
8. 1234 (Down 1)
9. 1234567 (Up 2)
10. baseball (Down 2)
11. welcome (New)
12. 1234567890 (New)
13. abc123 (Up 1)
14. 111111 (Up 1)
15. 1qaz2wsx (New)
16. dragon (Down 7)
17. master (Up 2)
18. monkey (Down 6)
19. letmein (Down 6)
20. login (New)
21. princess (New)
22. qwertyuiop (New)
23. solo (New)
24. passw0rd (New)
25. starwars (New)

If you’re looking for a change, it’s a good idea to use passwords or phrases with 12 characters or more, with mixed types of characters (letters, numbers, punctuation) and avoid reusing the same password on different websites.

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.