Trustwave’s SpiderLabs recently published details of approximately two million compromised accounts, which included the most common passwords used online.
According to Trustwave’s SpiderLabs they discovered the credentials while investigating a server that cyber criminals use to control a massive network of compromised computers known as the “Pony botnet.”
The company released some of the statistics regarding the compromised accounts:
- 1,580,000 website login credentials stolen
- 320,000 email account credentials stolen
- 41,000 FTP account credentials stolen
- 3,000 Remote Desktop credentials stolen
- 3,000 Secure Shell account credentials stolen
Most used passwords
Trustwave’s SpiderLabs said that the most commonly used passwords “were far from what your CISO would like to see”. Here are the most used (worse) passwords:
Overall password strength
Trustwave’s SpiderLabs said that their analysis shows that passwords that use all four character types and are longer than 8 characters are considered “Excellent”. Passwords with four or less characters of only one type are considered “Terrible”.
“Unfortunately, there were more terrible passwords than excellent ones, more bad passwords than good, and the majority, as usual, is somewhere in between in the Medium category,” the company said.