Top 10 Usernames and Passwords That Hackers Try to Infiltrate Remote Computers
We know that people are usually bad at choosing passwords, often using “12345” or “letmein”. But which passwords and usernames do attackers try most often? This analysis by cybersecurity company Rapid7 reveals some interesting details.
In its Project Heisenberg, Rapid7 deployed a collection of decoys (honeypots) operating on unpublished IP addresses around the world. Because the addresses are unpublished, the company expects the only traffic reaching the honeypots to come from services that scan wide ranges of IP addresses. Rapid7 has been analyzing attempts to log into these decoys over Remote Desktop Protocol (RDP) for almost a year. It recorded over 220,000 different login attempts from over 5,000 different IP addresses in 119 different countries.
10 most popular passwords:
| Password | Count | Percent |
| --- | --- | --- |
| X | 11865 | 5.36% |
| Zz | 10591 | 4.79% |
| St@rt123 | 8014 | 3.62% |
| one | 5679 | 2.57% |
| P@ssw0rd | 5630 | 2.55% |
| bl4ck4ndwhite | 5128 | 2.32% |
| admin | 4810 | 2.17% |
| Alex | 4032 | 1.82% |
| ……. | 2672 | 1.21% |
| administrator | 2243 | 1.01% |
Some of them are not surprising, but “Alex”? Anyway, please do not use these passwords.
The most popular usernames collected:
| Username | Count | Percent |
| --- | --- | --- |
| administrator | 77125 | 34.87% |
| Administrator | 53427 | 24.15% |
| user1 | 8575 | 3.88% |
| admin | 4935 | 2.23% |
| Alex | 4051 | 1.83% |
| position | 2321 | 1.05% |
| demonstration | 1920 | 0.87% |
| db2admin | 1654 | 0.75% |
| Admin | 1378 | 0.62% |
| sql | 1354 | 0.61% |
Alex again. Change the admin username to one that does not contain the word “admin”.
Check out the report below for more details.
Attacker’s Dictionary | Rapid7 via BetaNews.