Saturday, November 28, 2009

Microsoft releases password attack data

Microsoft released data collected from an FTP-server honeypot, showing that attempts to guess passwords continue to focus on the low-hanging fruit: passwords with an average length of eight characters, with "password" and "123456" being the most common.

The data is part of a project to monitor attacks that everyday users might encounter on a regular basis. Most of the attacks attempted to log into the administrator account on English and French computers -- "Administrator" and "Administrateur" were, by far, the two most popular usernames -- using a variety of passwords. The attackers were typically compromised computer that were part of a botnet, Microsoft researchers stated on the company's Malware Protection Center blog.

Source: http://www.securityfocus.com

1 comment:

Dmitry Evteev said...

The third position of passwords (#!comment:) reflects lacks of such research. Passwords of the real world: http://ptresearch.blogspot.com/2009/11/password-analysis-for-windows-live.html