After sifting through more than 1.8 million pages identified as admin portals, researchers made a disheartening discovery — 40,000 of them used “admin” as its password, making it the most popular credential used by IT administrators.

The research was conducted on 2023 passwords between January and September by a team with Outpost24, which also found an increased reliance on default passwords.

The top 10 passwords discovered by the analysis included common defaults and easy-to-guess options:

  1. admin
  2. 123456
  3. 12345678
  4. 1234
  5. Password
  6. 123
  7. 12345
  8. admin123
  9. 123456789
  10. adminisp

“While our top 20 findings are limited to known and predictable passwords, the fact that they were associated with admin portals also tells us that bad actors are well equipped to target privileged users,” the Outpost24 team explained.

The researchers highlighted the continuing efforts of “traffers,” organized groups of cybercriminals that use malware to target admins and steal their credentials.

“To secure passwords and consequently business data, there are two key takeaways,” the report added. “One is securing passwords through standard best practices, and the second is avoiding malware infection.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Source: www.darkreading.com