Modernizing Authentication — What It Takes to Transform Secure Access
Specifically, the server, which was controlling an instance of the Pony botnet, held 1,580,000 Web site login credentials, 320,000 e-mail account credentials, 41,000 FTP account credentials, 3,000 Remote Desktop credentials, and 3,000 Secure Shell account credentials.
The researchers note that while Facebook credentials may be high-profile, the server also held almost 8,000 login credentials for payroll service ADP, which would likely have more direct financial repercussions for the victims than a breach of a social networking site.
A list of the 10 most common passwords found on the server indicates once again that most people aren't exercising caution in selecting a password -- "123456" was the most popular, followed by "123456789," "1234," and "password."https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
Photo courtesy of Shutterstock.