Specops Research Reveals Top Passwords Contributing to RDP Port Attacks

Share Article

New data highlights need for stricter password guidelines with brute force password guessing topping the list of attack methods against RDP

News Image
Weak passwords continue to leave organizations vulnerable to attacks on RDP ports and other systems, but it doesn’t have to be this way.

Specops Software, a leading provider of password management and user authentication solutions, today released new research analyzing the top passwords used in live attacks against Remote Desktop Protocol (RDP) ports. This analysis coincides with the latest addition of over 34 million compromised passwords to the Specops Breached Password Protection Service, which now includes over 3 billion unique compromised passwords.

RDP over TCP Port 3389 is a popular way to provide IT teams remote network access to remote workers. While attacks on RDP ports grew during the COVID-19 pandemic as a result of the rise of remote work, the port has continued to be a popular attack method for criminals despite many workers returning to the office. Password-related attacks continue to top the list of attack methods, with recent research finding brute force password guessing accounts for 41% of all intrusion vectors.

In an analysis of over 4.6 million passwords collected in October 2022 from Specops Software’s honeypot system - one of the sources for compromised passwords blocked by Specops Password Policy and Breached Password Protection - the most common base terms found in passwords used to attack TCP Port 3389 included:

1.    Password
2.    p@ssw0rd
3.    Welcome
4.    admin
5.    Passw0rd
6.    p@ssword
7.    pa$$w0rd
8.    qwerty
9.    User
10.    test

Additionally, an analysis of port attack data including the RDP port and others revealed several password patterns, with more than 88% containing 12 characters or less, nearly 24% containing just 8 characters, and just under 19% containing only lowercase letters.

“Weak passwords continue to leave organizations vulnerable to attacks on RDP ports and other systems, but it doesn’t have to be this way,” said Darren James, Head of Internal IT, Specops Software. “It is imperative that organizations adopt stronger password policies, such as requiring longer passphrases, introducing length-based password aging, and blocking compromised passwords.”

For more information about the research, check out the full data and analysis here. To learn more about Specops’ password management solutions, contact us today.

About Specops Software
Specops Software, an Outpost24 Group company, is the leading provider of password management and authentication solutions. Specops protects your business data by blocking weak passwords and securing user authentication. With a complete portfolio of solutions natively integrated with Active Directory, Specops ensures sensitive data is stored on-premises and in your control. Everyday thousands of organizations use Specops Software to protect business data.

The Outpost24 Group is pioneering cyber risk management with vulnerability management, application security testing, threat intelligence and access management – in a single solution. Over 2,500 customers in more than 65 countries trust Outpost24’s unified solution to identify vulnerabilities, monitor external threats and reduce the attack surface with speed and confidence. Delivered through our cloud platform with powerful automation supported by our cyber security experts, Outpost24 enables organizations to improve business outcomes by focusing on the cyber risk that matters.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Willa Hahn
Visit website