We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Over 40,000 Admin Portals Use 'Admin' as Password

Zane Kennedy, Former Cybersecurity Researcher. Published on 26th October 2023.

A startling revelation from cybersecurity firm Outpost24 has exposed a concerning trend among IT administrators: a widespread reliance on default passwords, with 'admin' being the most popular choice. Over 40,000 admin portal accounts were found to be using this rudimentary password, casting doubts on the security practices of those trusted to secure our digital infrastructure.

The comprehensive analysis conducted by Outpost24 reviewed 1.8 million administrator passwords collected between January and September 2023. The data was obtained through their Threat Compass solution, which detects compromised credentials obtained by malware.

While default passwords like “admin” are simple and easy to remember, they represent a significant security vulnerability. Default passwords act as an open invitation for attackers, providing them with easy access points. Recognizing their inherent danger, both the UK's Product Security and Telecommunications Infrastructure (PSTI) Bill and California's Senate Bill 327 have moved to ban their use. Despite such legislative efforts, the data underscores that these weak passwords remain alarmingly prevalent.

The full list of the top administrator passwords in the dataset further reveals the scope of the issue:

  1. admin
  2. 123456
  3. 12345678
  4. 1234
  5. Password
  6. 123
  7. 12345
  8. admin123
  9. 123456789
  10. adminisp

The sheer predictability of these passwords is cause for concern. When associated with admin portals – gateways to essential system configurations and settings – the potential risks intensify.

Outpost24’s data collection method of using Threat Compass to find already-compromised credentials sheds light on another troubling aspect of cybersecurity. Malware, such as that used by organized cybercriminal groups like Traffers, is becoming increasingly sophisticated. These groups deploy deceptive methods, from YouTube videos to rogue Google ads, redirecting unsuspecting users to malware-infested sites.

Once this malware infiltrates a system, it can discreetly accumulate user data, such as login credentials, from various sources, including web browsers and mail clients. Some of these stolen passwords even bypass the encryption mechanisms of applications like Google Chrome. These stolen details eventually find their way to underground marketplaces, ripe for misuse in cyberattacks.

Outpost24 urges a two-pronged approach to fortify defenses against these threats:

  • Password Security: Refrain from using default passwords. Embrace unique, strong, and lengthy passwords for every account. Tools like Specops Password Auditor can aid organizations in detecting weak password practices.
  • Malware Prevention: Keep informed of evolving cyber threats. Utilize up-to-date anti-malware solutions, avoid saving browser passwords, and remain vigilant against suspicious web activity.
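One way to act on the password-security recommendation, shown as an added example (not code from Outpost24, Specops, or the original article): audit an organization's own stored admin password hashes against the top-10 list above, including simple case variants. The PBKDF2-HMAC-SHA256 storage scheme, the iteration count, the account names and the sample store are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Top administrator passwords exactly as listed in the article.
TOP_ADMIN_PASSWORDS = [
    "admin", "123456", "12345678", "1234", "Password",
    "123", "12345", "admin123", "123456789", "adminisp",
]

ITERATIONS = 50_000  # assumed work factor; use your store's real parameters


def hash_password(password: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256, the storage scheme assumed for this example."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def candidates(words):
    """Each listed password plus case variants (admin / Admin / ADMIN)."""
    seen = []
    for word in words:
        for variant in (word, word.lower(), word.capitalize(), word.upper()):
            if variant not in seen:
                seen.append(variant)
    return seen


def audit(accounts, words=TOP_ADMIN_PASSWORDS):
    """Return {username: matched_password} for accounts using a listed password."""
    findings = {}
    for user, (salt, stored) in accounts.items():
        for guess in candidates(words):
            # Per-account salt means every guess must be re-hashed per account.
            if hmac.compare_digest(hash_password(guess, salt), stored):
                findings[user] = guess
                break
    return findings


# Constructed sample credential store: username -> (salt, stored hash).
SAMPLE_ACCOUNTS = {
    "router-admin": (b"salt-one", hash_password("admin", b"salt-one")),
    "cms-admin": (b"salt-two", hash_password("PASSWORD", b"salt-two")),
    "db-admin": (b"salt-three", hash_password("x7!Lq-Vd29_rTzeW", b"salt-three")),
}

if __name__ == "__main__":
    for user, password in audit(SAMPLE_ACCOUNTS).items():
        print(f"{user}: uses listed default/weak password {password!r}")
```

Accounts flagged by such an audit should have their passwords rotated; the case-variant step matters because a trivially recapitalized entry from the list is no stronger than the original.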

In an era where digital defenses are paramount, this revelation serves as a poignant reminder that even the guardians of our digital gateways are not immune to lapses in security. The challenge now lies in fortifying these gates before they're breached.

About the Author

Zane was a Cybersecurity Researcher and Writer at vpnMentor. His extensive experience in the tech and cybersecurity industries provided readers with accurate and trustworthy news stories and articles. He aimed to help individuals protect themselves through informative content and awareness of cybersecurity's crucial role in today's digital landscape.
