Security News > 2022 > November > Top passwords used in RDP brute-force attacks

Specops Software released a research analyzing the top passwords used in live attacks against Remote Desktop Protocol ports.

This analysis coincides with the latest addition of over 34 million compromised passwords to the Specops Breached Password Protection Service, which now includes over 3 billion unique compromised passwords.

While attacks on RDP ports grew during the COVID-19 pandemic as a result of the rise of remote work, the port has continued to be a popular attack method for criminals despite many workers returning to the office.

Password-related attacks continue to top the list of attack methods, with recent research finding brute force password guessing accounts for 41% of all intrusion vectors.

An analysis of port attack data including the RDP port and others revealed several password patterns, with more than 88% containing 12 characters or less, nearly 24% containing just 8 characters, and just under 19% containing only lowercase letters.

"Weak passwords continue to leave organizations vulnerable to attacks on RDP ports and other systems, but it doesn't have to be this way," said Darren James, Head of Internal IT, Specops Software.

News URL

https://www.helpnetsecurity.com/2022/11/17/top-passwords-rdp-attacks/