Following up on a recent spate of attacks that exploited weak passwords on Windows servers, researchers have compiled a list of commonly used passwords that are alarmingly easy to brute force.
Last month, cybersecurity company Guardicore revealed it had discovered a resurgence in Purple Fox malware. Attackers were compromising Windows machines via a new infection vector, brute forcing into internet-connected Windows servers.
Expanding upon this work, researchers from password management and authentication solution vendor Specops Software deployed a global honeypot system to determine the weakest passwords and strengthen its Breached Password Protection list.
We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.
- We’ve also rounded up the best business password managers
- Shield yourself with these best identity theft protection services
- Secure your credentials with one of the best security keys
According to its analysis, "123" (used 842 times), "Aa123456" (used 801 times) and "password" (used 640 times) were the top three most commonly used passwords, despite the abundance of password generators available.
In all, Specops studied more than 250,000 attacks over a month to compile a list of the most commonly used passwords.
“The data tells us that these passwords are weak and again the password is the weakest link in IT security,” said Thorbjörn Sjövold, Head of Research at Specops Software.
In addition to the top three, "1qaz2wsx", "12345678", "a123456", "password1", "abc123", and "111111111" round out the top ten.
- These are the best identity theft protection tools
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.