Analysis of more than 1.8 million admin portals reveals IT leaders, with the highest privileges, are just as lazy about passwords as everyone else.

concept art of admin portal login
Source: ronstik via Alamy Stock Photo

After sifting through more than 1.8 million pages identified as admin portals, researchers made a disheartening discovery — 40,000 of them used "admin" as its password, making it the most popular credential used by IT administrators.

The research was conducted on 2023 passwords between January and September by a team with Outpost24, which also found an increased reliance on default passwords.

The top 10 passwords discovered by the analysis included common defaults and easy-to-guess options:

  1. admin

  2. 123456

  3. 12345678

  4. 1234

  5. Password

  6. 123

  7. 12345

  8. admin123

  9. 123456789

  10. adminisp

"While our top 20 findings are limited to known and predictable passwords, the fact that they were associated with admin portals also tells us that bad actors are well equipped to target privileged users," the Outpost24 team explained.

The researchers highlighted the continuing efforts of "traffers," organized groups of cybercriminals that use malware to target admins and steal their credentials.

"To secure passwords and consequently business data, there are two key takeaways," the report added. "One is securing passwords through standard best practices, and the second is avoiding malware infection."

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights