Security News > 2023 > October > Over 40,000 admin portal accounts use 'admin' as a password
Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving the door open to cyberattacks on enterprise networks.
Out of more than 1.8 million administrator credentials analyzed, over 40,000 entries were "Admin," showing that the default password is widely accepted by IT administrators.
"To narrow down our password list to administrator passwords, we searched the statistical data stored in the Threat Compass backend for pages identified as Admin portals. We found a total of 1.8 million passwords recovered in 2023" - Outpost24.
The researchers warn that although the entries above are "Limited to known and predictable passwords," they are associated with admin portals, and threat actors are targeting privileged users.
Defending the enterprise network starts with applying baseline security principles like using long, strong, and unique passwords for every account, especially for users with access to sensitive resources.
To keep safe from info-stealing malware, Outpost24 recommends using an endpoint and detection response solution, disabling password saving and auto-fill options in web browsers, checking domains when a redirection occurs, and steering away from cracked software.