Over 40,000 admin portal accounts use ‘admin’ as a password::Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving the door open to cyberattacks on enterprise networks.

  • @keesrif
    link
    English
    651 year ago

    I find their statements a bit on the sweeping side.

    Out of more than 1.8 million administrator credentials analyzed, over 40,000 entries were “admin,” showing that the default password is widely accepted by IT administrators.

    That’s just over 2 percent. “Widely accepted” in my book is a much larger percentage…

    • @[email protected]
      link
      fedilink
      English
      51 year ago

      2% is plenty enough to get a lot of orgs malwared. What gets me is the number of orgs that just have administrative systems internet-facing. That’s the first fail

  • @[email protected]
    link
    fedilink
    English
    471 year ago

    She was a qwerty1 girl. He was a θⰼ💑ꙩ׳Ͳ📢🦀ԉ꠷ᵭϊ⒁㇃⛭🨪ǘ⭝ᴎІ"⚌⪆㉑┦🨰꒕𝌾㇀🤃Ȁ guy.

    • @[email protected]
      link
      fedilink
      English
      81 year ago

      Yikes, imagine not using a password manager on that. That’s some next-level numpad skills.

      • Tunahan Yılmaz
        link
        English
        -101 year ago

        Hey, just a heads up, you can just upvote the comment if you found it entertaining. People generally expect replies to add meaningful information the the parent comment.

          • @[email protected]
            link
            fedilink
            English
            2
            edit-2
            1 year ago

            I have scarcely seen a person so got. Excellent sleuthing.

            Edit: damn that shit was like five comments in, too. I’m down to shitpost but if ya call people out for their nothing-comments… don’t be a nothing-commenter.

  • @robocall
    link
    English
    341 year ago

    upgrade to, “Admin1!”

    • @ShunkW
      link
      English
      81 year ago

      I think I can say this now because it’s been 10 years. But in one of my old jobs, I set a new windows administrator password for all assets across the organization. Previously it was 8 characters with a known word with an exclamation point added at the end.

      I got the approval to set a new password that would be secure but easy to remember for the IT guys that would be using it on a daily basis. They complained about my first two choices, so I said fuck it and changed it to F0rH315ThEKwi$atzHad3rach!

      I could remember it just fine. Still do to this day lol. They complained about a 14 character password before and I was tired of trying to get them on board.

      As soon as I left for greener pastures, I heard they changed the password to something easy again. Oh well, not my problem anymore.

        • @ShunkW
          link
          English
          51 year ago

          Yeah, a reference to Dune. I had just re-read the first three books and it came to me.

        • @ShunkW
          link
          English
          41 year ago

          No? Not sure where you got that from lol.

  • Flying Squid
    link
    English
    291 year ago

    That’s amazing! That’s the same password I have on my luggage!

    • @lando55
      link
      English
      71 year ago

      I’m surrounded by assholes!

    • @pdxfed
      link
      English
      21 year ago

      Always work that into any discussion around passwords to find out who the kindred souls are in the room. Either instant smiles or awkward pauses, so good to sort the chaff from the wheat.

      • @hansl
        link
        English
        21 year ago

        `It’s p4sswording time!”

  • @Kbobabob
    link
    English
    171 year ago

    There not really much in the article but i know a lot of stuff gets shipped with admin/admin. A lot of manufacturers are starting to ship with secure passwords and a requirement to make one on first boot.

  • @[email protected]
    link
    fedilink
    English
    141 year ago

    Researcher just found long ago that Mb2.r5oHf-0t is the most secure Passwort. Therefore everyone should use it

  • @Ddhuud
    link
    English
    11
    edit-2
    1 year ago

    I worked for an organization that was pawned by ransomware. That administered around 4500 Windows PCs. All and every one of them had an admin account that was “adminarea” and the password was “areaadmin”

  • @MeekerThanBeaker
    link
    English
    101 year ago

    Majority of those accounts are probably used on portals for printer/copiers.

    • @[email protected]
      link
      fedilink
      English
      31 year ago

      And no doubt for a bunch of off-brand internet-connected cameras. Or, those are just totally open to the whole world. Glad to see Shodan is still up… Though I’d hoped some mfg would change their practices once it became obvious no one changes the default.

  • Carlos Solís
    link
    fedilink
    English
    51 year ago

    There is a chance that I once used the user ‘admin’ with the password ’ istrator’ for the laughs.

  • arthurpizza
    link
    English
    41 year ago

    That’s amazing! I’ve got the same combination on my luggage!

  • @[email protected]
    link
    fedilink
    English
    41 year ago

    My providers router has the username locked as ‘Admin’. They are pretty decent otherwise.

    • @hansl
      link
      English
      61 year ago

      Meh. Username shouldn’t matter anyway. Make sure the password is secure (and stored securely).

      I had a loaned ISP router in the early naughts that I couldn’t change the admin password, but it was the same for all their boxes and someone posted it on my bulletin board. I changed it as soon as I could, but the techs were furious. Whatever man, I’m not letting anyone take control of my LAN because you can’t figure this shit out.