It’s been a rough couple of days for President Donald Trump’s former campaign manager Paul Manafort, the subject of a federal indictment alleging tax fraud and money laundering.
Now, besides all those pesky conspiracy charges, it seems that Manafort is also bad at online security.
Two security researchers discovered Monday that Manafort may have used the password “bond007” to access his former Adobe and Dropbox online storage accounts, as tech publication Motherboard notes.
The researchers discovered the password—a reference to the fictional spy James Bond—by first obtaining Manafort’s email address from hacked text messages from his daughter’s smartphone. Those messages were released in March to the dark web, the tangle of encrypted networks where people can trade information or communicate outside of the public view.
Get Data Sheet, Fortune’s technology newsletter.
By plugging Manafort’s email address into a website that confirms whether someone’s information was compromised during two big hacks that impacted Adobe and Dropbox in 2013 and 2012 respectively, the researchers learned that Manafort’s account was indeed compromised.
Apparently, the password hints from Manafort’s compromised accounts contained tip-offs, including the words “secret agent” and “James Bond.” It didn’t take much guesswork, but the researchers discovered that Manafort apparently used “bond007” as his password.
The string of recent high-profile hackings like the one involving Equifax is a reminder that people should use passwords that are difficult to crack. Among some of the worst examples or easy to guess passwords including “football,” “starwars,” and “123456,” according to security firm SplashData.
You can add “bond007” to that list.