Shocking: Over 40,000 portal accounts use admin as a password.

Fecha:
Publicado por:

More than 40,000 admin portal accounts employ the 'admin' password, as uncovered by security researchers. This alarming discovery reveals that a significant number of IT administrators are employing weak passwords, leaving enterprise networks susceptible to cyberattacks.

In a study analyzing over 1.8 million administrator credentials, Outpost24, a cybersecurity company, found that "admin" was a prevalent choice among IT administrators. This data, collected between January and September of this year through Threat Compass, an intelligence solution by Outpost24, indicates a widespread use of default and weak passwords.

These credentials were sourced from information-stealing malware that typically targets applications storing usernames and passwords. Although the data wasn't in plain text, researchers believe that many of the passwords could be easily guessed in unsophisticated password-guessing attacks.

Outpost24 identified these vulnerable admin portal passwords by searching statistical data in the Threat Compass backend for pages designated as Admin portals. The total count was 1.8 million passwords retrieved in 2023 (from January to September).

Admin portals serve various purposes, including configuration, account management, security settings, customer tracking, order management, and database operations.

After analyzing the collected authentication credentials for admin portals, Outpost24 compiled a list of the top 20 weakest credentials.

01. admin 11. demo
02. 123456 12. root
03. 12345678 13. 123123
04. 1234 14. admin@123
05. Password 15. 123456aA@
06. 123 16. 01031974
07. 12345 17. Admin@123
08. admin123 18. 111111
09. 123456789 19. admin1234
10. adminisp 20. admin1

 

Researchers emphasize the importance of adopting fundamental security measures, such as using long, strong, and unique passwords for all accounts, especially for those with access to sensitive resources. To guard against info-stealing malware, Outpost24 recommends implementing an endpoint detection and response solution, disabling password saving and auto-fill options in web browsers, verifying domains during redirections, and avoiding the use of cracked software.

The defense of enterprise networks begins with robust security practices and vigilance against password vulnerabilities.