Shocking: Over 40,000 portal accounts use admin as a password.
More than 40,000 admin portal accounts employ the 'admin' password, as uncovered by security researchers. This alarming discovery reveals that a significant number of IT administrators are employing weak passwords, leaving enterprise networks susceptible to cyberattacks.
In a study analyzing over 1.8 million administrator credentials, Outpost24, a cybersecurity company, found that "admin" was a prevalent choice among IT administrators. This data, collected between January and September of this year through Threat Compass, an intelligence solution by Outpost24, indicates a widespread use of default and weak passwords.
These credentials were sourced from information-stealing malware that typically targets applications storing usernames and passwords. Although the data wasn't in plain text, researchers believe that many of the passwords could be easily guessed in unsophisticated password-guessing attacks.
Outpost24 identified these vulnerable admin portal passwords by searching statistical data in the Threat Compass backend for pages designated as Admin portals. The total count was 1.8 million passwords retrieved in 2023 (from January to September).
Admin portals serve various purposes, including configuration, account management, security settings, customer tracking, order management, and database operations.
After analyzing the collected authentication credentials for admin portals, Outpost24 compiled a list of the top 20 weakest credentials.
01. | admin | 11. | demo |
02. | 123456 | 12. | root |
03. | 12345678 | 13. | 123123 |
04. | 1234 | 14. | admin@123 |
05. | Password | 15. | 123456aA@ |
06. | 123 | 16. | 01031974 |
07. | 12345 | 17. | Admin@123 |
08. | admin123 | 18. | 111111 |
09. | 123456789 | 19. | admin1234 |
10. | adminisp | 20. | admin1 |
Researchers emphasize the importance of adopting fundamental security measures, such as using long, strong, and unique passwords for all accounts, especially for those with access to sensitive resources. To guard against info-stealing malware, Outpost24 recommends implementing an endpoint detection and response solution, disabling password saving and auto-fill options in web browsers, verifying domains during redirections, and avoiding the use of cracked software.
The defense of enterprise networks begins with robust security practices and vigilance against password vulnerabilities.