» » » Attackers Don't Bother Brute-forcing Long Passwords, Microsoft Engineer Says

Attackers Don't Bother Brute-forcing Long Passwords, Microsoft Engineer Says

, Edit
According to data collected by Microsoft's network of honeypot servers, most brute-force attackers primarily attempt to guess short passwords, with very few attacks targeting credentials that are either long or contain complex characters. From a report: "I analysed the credentials entered from over -- million brute force attacks against SSH. This is around 30 days of data in Microsoft's sensor network," said Ross Bevington, a security researcher at Microsoft. "77% of attempts used a password between 1 and 7 characters. A password over 10 characters was only seen in 6% of cases," said Bevington, who works as Head of Deception at Microsoft, a position in which he's tasked with creating legitimate-looking honeypot systems in order to study attacker trends.

Read more of this story at Slashdot.



from Slashdot https://ift.tt/3cDH4Tx

SUBSCRIBE TO OUR NEWSLETTER

Admin

“Work hard in silence, let your success be your noise"

0 Response to "Attackers Don't Bother Brute-forcing Long Passwords, Microsoft Engineer Says"

Post a Comment

Subscribe to: Post Comments (Atom)

ad

Search Your Job