Outpost24 Exposes IT Admins Using Default Passwords
Researchers from Outpost24 have identified a concerning trend: thousands of IT administrators are employing predictable and weak passwords to safeguard their companies’ internal networks, jeopardizing confidential data and management systems.
Utilizing specialized software, analysts from Outpost24 examined over 1.8 million account records. It was discerned that over 40,000 of these relied on default passwords, notably the term “admin” or its variants.
“To narrow down our password list to administrator passwords, we searched the statistical data stored in the Threat Compass backend for pages identified as Admin portals. We found a total of 1.8 million passwords recovered in 2023 (January to September),” reports Outpost24.
According to experts, malefactors merely need to employ a basic brute force technique to access managerial accounts. From there, they can manipulate system configurations, security parameters, customer databases, and other internal assets.
Outpost24 has compiled a list of the top 20 vulnerable password combinations:
- admin
- 123456
- 12345678
- 1234
- Password
- 123
- 12345
- admin123
- 123456789
- adminisp
- demo
- root
- 123123
- admin@123
- 123456aA@
- 01031974
- Admin@123
- 111111
- admin1234
- admin1
Companies are urged to promptly replace unreliable passwords and implement additional security measures, ranging from antivirus software to prohibiting autosave functions in browsers. Otherwise, the negligence of certain employees may lead to extensive incidents.
