Over several weeks in October of 2022, Specops collected 4.6 million attempted passwords on their honeypot system.
Though the examples given here focused on RDP connections, a honeypot is not limited to that type of connection, and any remote access system, such as SSH, is subject to attacks. What should an organization do to minimize the potential damage?
If an attacker gains access to a password dialog, which the most persistent attackers may do despite all other protections, then having a strong password policy is essential.
Before the password is even created, checking the new password against a breached password list of known stolen credentials ensures that the most common variations are not used.
Specops Password Policy with Breached Password Protection checks your users' passwords and prevents them from choosing a compromised password.
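The breached-list check described above can be sketched as follows. This is an added example, not code from the report or from Specops; the sample list, the substitution table and the function names are all constructed for illustration.

```python
import hashlib
import re

# Constructed sample; a real deployment would load a large breach corpus.
BREACHED_SAMPLE = ["password", "welcome", "admin", "qwerty", "letmein"]


def sha1_hex(text: str) -> str:
    # SHA-1 is used here only as a lookup fingerprint, not for password storage.
    return hashlib.sha1(text.encode("utf-8")).hexdigest().upper()


# Keep hashes rather than plaintext so the list itself is not a password dump.
BREACHED_HASHES = {sha1_hex(p) for p in BREACHED_SAMPLE}

# Assumed set of common character substitutions, mapped back to letters.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def candidate_forms(password: str) -> set:
    """Return the password plus normalised forms that undo common variations."""
    lowered = password.lower()
    # Strip a trailing run of digits/symbols, e.g. the "2022!" in "Welcome2022!".
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    forms = {password, lowered, stripped}
    # Undo substitutions on every form collected so far.
    forms.update(f.translate(LEET) for f in list(forms))
    forms.discard("")
    return forms


def is_breached(password: str) -> bool:
    """True if the password or a common variation of it is on the list."""
    return any(sha1_hex(f) in BREACHED_HASHES for f in candidate_forms(password))


if __name__ == "__main__":
    for pw in ["P@ssw0rd2022!", "Welcome1", "L3tm31n!", "correct-horse-battery-staple"]:
        print(f"{pw!r}: {'reject' if is_breached(pw) else 'accept'}")
```

Run at password-creation time, a check like this rejects a new password before it is ever set.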
Protecting Accounts with MFA
Layered on top of a strong password policy is the use of MFA. With a second authentication requirement, even a correctly guessed or stolen password does not ensure access.