Hackers Don’t Bother Trying to Guess Strong Passwords, New Research Shows
Here at Bitdefender, we’ve long stressed the importance of using strong, alphanumeric passwords. Using research, use-case scenarios, and fun campaigns, we’ve demonstrated that longer is better. Now, a researcher at Microsoft has evidence that suggests hackers might not even bother trying to guess your password if it’s too long or complex.
In a recent study of online behaviors, Bitdefender found that almost 60% of consumers could be deemed ‘exposed.’ Just 11% could be described as ‘secure’ in terms of their cybersecurity posture and practices. In a key finding, poor password management stood out as a core vulnerability.
A Microsoft researcher now cements the notion that password hygiene is indeed a critical vulnerability among internet users, showing that attackers prefer to work feasibly – by favoring weak passwords in their brute-force endeavors.
“I analysed the credentials entered from over >25 million brute force attacks against SSH. This is around 30 days of data in Microsoft’s sensor network,” Ross Bevington, head of Deception at Microsoft, tells The Record.
In security, deception describes the practice of setting up ‘honeypots’ (lures, traps etc.) to trick hackers into revealing their modus operandi.
“77% of attempts used a password between 1 and 7 characters. A password over 10 characters was only seen in 6% of cases,” said Bevington.
Only 7% of the brute-force attempts Bevington analyzed included a special character (#$%^&* etc.), 39% had at least one number, and none used passwords that included white space.
In other words, if you go to the trouble of setting up a 10-character password using letters, numbers and special characters – including spaces – you stand a very good chance of keeping your online accounts secure.
Food for thought.
Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds
December 21, 2021
Online Shoppers Beware, Mobile Scams Are on the Rise
December 17, 2021
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021