Which passwords are attackers using against RDP ports right now?

A new research report reveals the 10 most common passwords attackers are using against RDP and analyzes their wordlists for the most common complexity rules and password lengths. A similar analysis was completed in 2022, so this research has been refreshed and is up to date for 2025. The launch of the report coincides with the latest addition of over 85 million compromised passwords to the Specops Breached Password Protection service. These passwords come from Specops' honeypot network and threat intelligence sources.

The key points in the report are:

  • 85 million compromised passwords added to Specops Breached Password Protection
  • Top 10 passwords being used in honeypot attacks
  • Welcome1 is an interesting one: it emphasizes the need for secure employee onboarding, as new passwords are set and maybe never changed, making them an easy target for attack
  • 24% of all honeypot attack passwords are solely numbers
  • Enabling push-spam resistant MFA on RDP connections adds a layer of protection, even if the password were breached
  • Keep Windows servers and clients patched and up to date to protect against CVEs
  • Check for misconfiguration: ensure TCP port 3389 is using an SSL/TLS-secured connection and isn't exposed directly to the internet
  • Limit the range of IP addresses that can use RDP connections

You can read the report here.
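To make the report's wordlist analysis concrete, here is an added Python example (not code from the report, Specops or The IT Nerd) that summarises a constructed set of honeypot guesses the same way the report does (length mix, digits-only share, most common character-class mix) and shows why a complexity rule alone is not enough: Welcome1 satisfies a typical 3-of-4-classes policy, so only a breached-password check rejects it. The sample lists and the policy thresholds are assumptions.

```python
import re
from collections import Counter

# Constructed sample standing in for an attacker wordlist captured by an RDP
# honeypot (illustrative, not the report's data; "Welcome1" is from the page).
SAMPLE_ATTEMPTS = [
    "123456", "password", "Welcome1", "111111", "admin",
    "12345678", "Passw0rd!", "qwerty", "000000", "P@ssword2024",
]
# Constructed stand-in for a breached-password list used to reject known-bad values.
SAMPLE_BREACHED = {"Welcome1", "Passw0rd!", "password", "123456"}

CLASSES = {
    "lower": re.compile(r"[a-z]"),
    "upper": re.compile(r"[A-Z]"),
    "digit": re.compile(r"[0-9]"),
    "symbol": re.compile(r"[^A-Za-z0-9]"),
}

def char_classes(pw):
    """Set of character classes present in pw (lower/upper/digit/symbol)."""
    return frozenset(name for name, rx in CLASSES.items() if rx.search(pw))

def meets_policy(pw, min_len=8, min_classes=3):
    """A typical complexity rule (assumed): at least min_len chars and 3 of 4 classes."""
    return len(pw) >= min_len and len(char_classes(pw)) >= min_classes

def analyze(attempts):
    """Length mix, digits-only share, and how much a complexity rule alone would stop."""
    total = len(attempts)
    lengths = Counter(len(p) for p in attempts)
    all_digits = sum(1 for p in attempts if p.isdigit())
    mixes = Counter("+".join(sorted(char_classes(p))) for p in attempts)
    passing = sum(1 for p in attempts if meets_policy(p))
    return {
        "total": total,
        "pct_all_digits": round(100 * all_digits / total, 1),
        "length_distribution": dict(sorted(lengths.items())),
        "most_common_class_mix": mixes.most_common(1)[0][0],
        "pct_meeting_complexity": round(100 * passing / total, 1),
    }

def policy_gaps(attempts, breached):
    """Guesses that pass the complexity rule but are known-breached: only a list check stops these."""
    return [p for p in attempts if meets_policy(p) and p in breached]

if __name__ == "__main__":
    print(analyze(SAMPLE_ATTEMPTS))
    print(policy_gaps(SAMPLE_ATTEMPTS, SAMPLE_BREACHED))
```

On the constructed sample, 40% of guesses are digits only and 30% would already satisfy the complexity rule, which is the gap a breached-password list closes.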
