IT administrators can be just as lax at password security as end-users, according to new research.
Analysis of over 1.8 million admin credentials by Outpost24 found that basic default passwords were used frequently by IT staff, with highly predictable terms used tens of thousands of times.
The study found that the term “admin” ranked among the most popular passwords among IT administrators with over 40,000 entries.
Of the top 20 administrator passwords analyzed by the firm, basic numeric combinations such as ‘123456’ and ‘12345678’ were also highlighted among the most-used by admins.
Similarly, terms such as ‘admin123’ and ‘Password’ were also common.
The research points to a culture of poor password security and management that could be placing thousands of organizations worldwide at risk of compromise, according to Outpost24.
Passwords observed in use by the cyber security firm were obtained from credential stealing malware, which is frequently used to compromise user accounts.
These specific passwords, however, could be easily guessed without the need for sophisticated techniques, underlining the potential danger many organizations face by not employing stringent password security practices.
“While the data from our analysis was obtained from credential stealer software, a type of malware designed to target the applications capable of storing usernames, passwords, and other authentication credentials, most of the passwords in our list could have been easily guessed in a rather unsophisticated password-guessing attack,” the firm said.
Inadequate password security
Poor password security has the potential to create significant risks for organizations of all sizes, and the issue of hygiene and best-practice has been a recurring topic in recent years.
A recent study from Authlogics, a provider of password security technologies, warned that the volume of exposed account passwords has skyrocketed.
The firm said its Password Breach Database reached a highly concerning landmark in March 2023, surpassing five billion compromised account credentials.
Separate research from SpyCloud this year also shed light on the scale of the issue. The threat intelligence firm said that password reuse and substandard login credentials remain a “rampant” issue globally.
Find out how to use event log data from your SIEM platform to make IT and business decisions
DOWNLOAD NOW
Outpost24 stressed that administrators and end-users alike should never use default login credentials and always create a “long, strong, password” for each individual account.
“Enforce these security measures across your network,” the firm said, adding that organizations should always be conscious of the telltale signs of poor password security practices.
William Wright, CEO of Closed Door Security told ITPro that passwords should neither be shared nor in a basic format.
“These are rookie mistakes, but they still happen every single day, and criminals are fully aware of it,” he said.
“When criminals target an organization, they understand one valid credential is all they need to execute a data breach or install ransomware. So, when organizations are using ‘admin’ on their administrator accounts this gives them all the access they need, which means it’s the first attack path they will test.”
