"Top Passwords Used in RDP Brute-Force Attacks"

Specops Software published a study that examined the most common passwords used in live attacks against Remote Desktop Protocol (RDP) ports. This analysis coincides with the addition of more than 34 million compromised passwords to the Specops Breached Password Protection Service, which now contains over 3 billion unique compromised passwords. RDP over Transmission Control Protocol (TCP) Port 3389 is a popular way for Information Technology (IT) teams to give remote workers network access. Attacks on RDP ports increased during the COVID-19 pandemic due to the rise of remote work, and attacking the port has remained a popular method for criminals. Password-related attacks continue to top the list of attack methods, with recent research revealing that brute-force password guessing accounts for 41 percent of all intrusion vectors. In an analysis of over 4.6 million passwords collected in October 2022 from Specops Software's honeypot system, the most common base terms found in passwords used to attack TCP Port 3389 included: "Password," "p@ssw0rd," "Welcome," "admin," "Passw0rd," "p@ssword," "pa$$w0rd," "qwerty," "User," and "test." Furthermore, an examination of port attack data, including the RDP port and others, revealed several password patterns: more than 88 percent contain 12 characters or fewer, nearly 24 percent contain only 8 characters, and less than 19 percent contain only lowercase letters. This article continues to discuss key findings from the analysis of the top passwords used in live attacks against RDP ports.

Help Net Security reports "Top Passwords Used in RDP Brute-Force Attacks"

Submitted by Anonymous on