Specops Software has released its 2025 Specops Breached Password Report, which has found that 230 million stolen passwords actually met the standard complexity requirements (over eight characters, one capital, one number, and special character). This shows simply meeting password security standards isn’t enough.
The report also reveals that malware stolen credentials are extremely common – Specops found over a billion in the last 12 months!
This annual report provides an eye-opening examination into the ongoing struggle organizations face in addressing weak password practices, and despite knowing the risks, end users continue to create short, weak passwords like ‘password,’ ‘12345,’ and ‘admin’ when they’re allowed to.
Other findings include:
- ‘Complex’ passwords can still be predictable thanks to user behavior. Length is a better indicator of password strength.
- Hackers favor malware-stolen credentials as they’re easy to obtain, use, and sell. Redline is the most popular stealer according to the research.
- Even strong passwords can be stolen by malware, rendering hashing algorithms obsolete. All end user accounts should be secured with MFA.
You can read their report here:
https://specopssoft.com/blog/report-one-billion-malware-stolen-credentials
https://specopssoft.com/our-resources/most-common-passwords
Related
This entry was posted on January 21, 2025 at 9:04 am and is filed under Commentary with tags Specops. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Over 1 Billion Password Credentials Stolen in 12 months Due to Malware
Specops Software has released its 2025 Specops Breached Password Report, which has found that 230 million stolen passwords actually met the standard complexity requirements (over eight characters, one capital, one number, and special character). This shows simply meeting password security standards isn’t enough.
The report also reveals that malware stolen credentials are extremely common – Specops found over a billion in the last 12 months!
This annual report provides an eye-opening examination into the ongoing struggle organizations face in addressing weak password practices, and despite knowing the risks, end users continue to create short, weak passwords like ‘password,’ ‘12345,’ and ‘admin’ when they’re allowed to.
Other findings include:
You can read their report here:
https://specopssoft.com/blog/report-one-billion-malware-stolen-credentials
https://specopssoft.com/our-resources/most-common-passwords
Share this:
Like this:
Related
This entry was posted on January 21, 2025 at 9:04 am and is filed under Commentary with tags Specops. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.