Admins everywhere are making this really basic password security mistake
Date:
Wed, 18 Oct 2023 09:44:47 +0000
Description:
Report finds admin portals are being secured with the weakest passwords possible, leaving the door wide open for hackers.
FULL STORY ======================================================================
It seems that even IT admins, who should know better, aren't using strong passwords to secure portals.
Research from cybersecurity firm Outpost24 has found that out of close to two million admin passwords, over 40,000 of them were simply 'admin', a common default password that is supposed to be changed after initial access.
The credentials the firm gathered came from leaks via infostealing malware used by bad actors. Although many of these passwords were not stored in plain text, it said that it was able to guess them quite easily.
Easy cracking
Outpost24 found that there were plenty of other weak passwords besides 'admin' and its variations too, including '123456' (and other similar numerical sequences), 'Password', and 'demo'.
Admin portals could be valuable to threat actors, as they could contain configuration and security settings, or allow access to customer info and large databases.
The story is an all too familiar one. Numerous studies have found that when people are left to their own devices to create passwords, they routinely use the weakest ones possible, for the sake of convenience.
For instance, Keeper Security found that out of the 8,000 users it surveyed, three-quarters didn't follow the recommended password guidelines, with two thirds using weak or the same password across various accounts.
In its recommendations for staying safe, Outpost24 says organizations should use endpoint protection and a detection response solution, as well as disabling password saving and autofill in web browsers. They should also double check domain names when they are being redirected to different pages to make sure they are genuine.
Using one of the best business password manager solutions can also be a huge benefit for firms, allowing strong and unique passwords to be created with ease, and stored securely in a cloud vault that can be managed by admins to grant or restrict access to employees as required.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/admins-everywhere-are-making-this-really-basic-password-security-mistake
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)