The Cloud Consultancy Europe Ltd.

Specops Software released research analyzing the top passwords used in live attacks against Remote Desktop Protocol (RDP) ports. This analysis coincides with the latest addition of over 34 million compromised passwords to the Specops Breached Password Protection Service, which now includes over 3 billion unique compromised passwords.

RDP, which listens on TCP port 3389 by default, is a common way for IT teams to give remote workers access to the corporate network. Attacks on RDP ports grew during the COVID-19 pandemic with the rise of remote work, and the port has remained a popular target for criminals even as many workers have returned to the office. Password-related attacks continue to top the list of attack methods, with recent research finding that brute force password guessing accounts for 41% of all intrusion vectors.

In an analysis of over 4.6 million passwords collected in October 2022 from Specops Software’s honeypot system, the most common base terms found in passwords used to attack TCP Port 3389 included:

  • Password
  • p@ssw0rd
  • Welcome
  • admin
  • Passw0rd
  • p@ssword
  • pa$$w0rd
  • qwerty
  • User
  • test

Additionally, an analysis of attack data from the RDP port and other ports revealed several password patterns: more than 88% of the passwords were 12 characters or fewer, nearly 24% were exactly 8 characters, and just under 19% consisted only of lowercase letters.
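The base-term list above and the length/character-class breakdown are easy to reproduce, and the same logic doubles as a policy check that rejects new passwords built on those terms. The following Python is an added example and not Specops' own classifier: the leetspeak substitution table, the 15-character minimum, and the sample attempts are all the editor's assumptions, constructed here so the block runs offline. It folds variants such as p@ssw0rd, Passw0rd and pa$$w0rd onto the base term "password", computes the three pattern statistics quoted above over a constructed batch of attempts, and returns the reasons a candidate password would be refused.

```python
import re
from collections import Counter
from typing import Optional

# Leetspeak substitutions used to fold variants onto their base term.
# Assumption: this small table is the editor's own; the research does not
# publish the normalisation it used.
LEET = str.maketrans({"@": "a", "$": "s", "0": "o", "3": "e"})

# Base terms from the Specops top-ten list (after folding).
BASE_TERMS = ("password", "welcome", "admin", "qwerty", "user", "test")

# Constructed sample of attacker attempts, NOT real honeypot data.
SAMPLE_ATTEMPTS = [
    "Password", "p@ssw0rd", "Welcome1", "admin", "Passw0rd!", "pa$$w0rd",
    "qwerty", "User2022", "test1234", "summer", "Tr0ub4dor&3",
    "correct horse battery staple",
]


def base_term(password: str) -> Optional[str]:
    """Return the base term a password is built on, or None.

    Folds leetspeak, lowercases, then strips leading/trailing digits and
    punctuation so "Welcome1" and "Passw0rd!" both map to their base word.
    """
    folded = password.translate(LEET).lower()
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", folded)
    for term in BASE_TERMS:
        # prefix match also catches "administrator" and "testing"
        if core.startswith(term):
            return term
    return None


def count_base_terms(passwords) -> Counter:
    """Tally how often each base term appears; unmatched go under 'other'."""
    return Counter(base_term(p) or "other" for p in passwords)


def pattern_stats(passwords) -> dict:
    """Fractions reported in the research: <=12 chars, exactly 8, lowercase only."""
    n = len(passwords)
    return {
        "le12": sum(len(p) <= 12 for p in passwords) / n,
        "eq8": sum(len(p) == 8 for p in passwords) / n,
        "lower_only": sum(bool(re.fullmatch(r"[a-z]+", p)) for p in passwords) / n,
    }


def rejection_reasons(password: str, min_len: int = 15) -> list:
    """Policy check: empty list means the password is acceptable.

    min_len=15 is an assumed passphrase minimum, chosen to sit above the
    12-character ceiling that covered 88% of observed attack passwords.
    """
    reasons = []
    if len(password) < min_len:
        reasons.append(f"shorter than {min_len} characters")
    term = base_term(password)
    if term:
        reasons.append(f"built on common base term '{term}'")
    if re.fullmatch(r"[a-z]+", password):
        reasons.append("lowercase letters only")
    return reasons


if __name__ == "__main__":
    print(count_base_terms(SAMPLE_ATTEMPTS))
    print(pattern_stats(SAMPLE_ATTEMPTS))
    for candidate in ("Passw0rd!", "correct horse battery staple"):
        print(candidate, "->", rejection_reasons(candidate) or "OK")
```

In practice the base-term list would be replaced by a breached-password feed, but the folding step is what matters: a check that only compares raw strings lets p@ssw0rd through while blocking password.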

“Weak passwords continue to leave organizations vulnerable to attacks on RDP ports and other systems, but it doesn’t have to be this way,” said Darren James, Head of Internal IT, Specops Software. “It is imperative that organizations adopt stronger password policies, such as requiring longer passphrases, introducing length-based password aging, and blocking compromised passwords.”

Source: HelpNetSecurity

