1 min read

Hackers Don’t Bother Trying to Guess Strong Passwords, New Research Shows

Filip TRUȚĂ

November 23, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Hackers Don’t Bother Trying to Guess Strong Passwords, New Research Shows

Here at Bitdefender, we’ve long stressed the importance of using strong, alphanumeric passwords. Using research, use-case scenarios, and fun campaigns, we’ve demonstrated that longer is better. Now, a researcher at Microsoft has evidence that suggests hackers might not even bother trying to guess your password if it’s too long or complex.

In a recent study of online behaviors, Bitdefender found that almost 60% of consumers could be deemed ‘exposed.’ Just 11% could be described as ‘secure’ in terms of their cybersecurity posture and practices. In a key finding, poor password management stood out as a core vulnerability.

A Microsoft researcher now cements the notion that password hygiene is indeed a critical vulnerability among internet users, showing that attackers prefer to work feasibly – by favoring weak passwords in their brute-force endeavors.

“I analysed the credentials entered from over >25 million brute force attacks against SSH. This is around 30 days of data in Microsoft’s sensor network,” Ross Bevington, head of Deception at Microsoft, tells The Record.

In security, deception describes the practice of setting up ‘honeypots’ (lures, traps etc.) to trick hackers into revealing their modus operandi.

“77% of attempts used a password between 1 and 7 characters. A password over 10 characters was only seen in 6% of cases,” said Bevington.

Only 7% of the brute-force attempts Bevington analyzed included a special character (#$%^&* etc.), 39% had at least one number, and none used passwords that included white space.

In other words, if you go to the trouble of setting up a 10-character password using letters, numbers and special characters – including spaces – you stand a very good chance of keeping your online accounts secure.

Food for thought.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits
Silviu STAHIE

January 31, 2023

1 min read
Hackers steal 10 million customer details from JD Sports Hackers steal 10 million customer details from JD Sports
Graham CLULEY

January 30, 2023

2 min read
North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022 North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022
Silviu STAHIE

January 25, 2023

1 min read