These are the passwords hackers try first when attacking devices – are yours included?

Don’t stick with the defaults

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Researchers from F-Secure have revealed the passwords most frequently used to attack honeypots – decoy servers around the world, designed to attract the attention of would-be hackers.

Perhaps unsurprisingly, the first password most attackers tried was ‘admin’, with ‘default’, ‘123456’ and ‘root’ following close behind.

Hackers also tried ‘vivx’ – the default password for DVRs made by Chinese company Dahua, which are used in security camera systems worldwide. Other popular passwords included ‘1001chin’ and ‘taZz@23495859’, which are factory defaults for other devices, such as routers.

The vast majority of the attacks on F-secure’s honeypots were from bots and malware scanning for IP addresses. These attacks can come from any device with an internet connection, including PCs and laptops, but also smart devices like toothbrushes and household appliances.

It’s therefore not only important for businesses to change their devices' default passwords, but for home users to take precautions andsecure their smart home devicesby reading privacy policies, changing logins from their factory settings, and disabling features they don’t need.

Secure your devices

Other steps you can take to secure smart devices include resetting your router’s name so its brand and model aren’t immediately obvious, and enabling two-factor authentication wherever possible.

It’s also important to make sure the device’s firmware is kept up to date, so you have any new security patches. Look for an option to enable automatic updates, and if you can’t find one, check the manufacturer’s website to make sure you have the most recent release installed.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

You can read the researchers' full findings inF-Secure’s report.

ViaZDNet

Cat is TechRadar’s Homes Editor specializing in kitchen appliances and smart home technology. She’s been a tech journalist for 15 years, and is here to help you choose the right devices for your home and do more with them. When not working she’s a keen home baker, and makes a pretty mean macaron.

Dangerous Android banking malware looks to trick victims with fake money transfers

Sophos Firewall hack on government network used an all-new custom malware

Arcane season 2 was reportedly going to run for five seasons, so why is my all-time favorite Netflix show ending after two?