ZDNETMicrosoft’s Remote Desktop Protocol is a handy method for signing in to and controlling remote PCs and servers, especially for hybrid workers. But RDP is also an inviting target for cybercriminals looking to gain access to an organization’s network and other critical resources. That’s why using a strong and complex password for remote desktop accounts is vital. Unfortunately, this is an area where many people and companies fall short.Also: Hackers stole this engineer’s 1Password database. Could it happen to you?In a report released Tuesday, password security provider Specops revealed the top 10 most common passwords attackers use to exploit RDP connections. In total, more than 1 billion stolen passwords captured by cybercriminals in 2024 were included in the analysis. The results show that many people ignore standard best practices when creating passwords, even for important systems. Organizations that monitor their RDP servers have found hundreds or even thousands of failed login attempts from hackers, bots, ransomware gangs, and more. Once they find an open and exposed RDP port, attackers use brute force to try a large number of username and password combinations to gain access. The simpler the password, the quicker the attacker can gain and exploit access. Which passwords were the worst offenders?To little or no surprise, 123456 was the most common password stolen by malicious attacks. This indicates that many people are still turning to “keyboard walks” — passwords created by typing a string of adjacent keys on the keyboard.In second place was 1234, presumably chosen by people who couldnt be bothered to add the 5 and 6. Next up was Password1, followed by 12345.Also: How AI agents help hackers steal your confidential data – and what to do about itIn the fifth spot was P@sswOrd, suggesting that some people knew enough to add a special character, albeit to a still weak password. However, P@sswOrd may be popular because it meets the standard requirements of eight characters, one capital letter, one number, and one special character, according to Specops.Rounding out the list were password, Password123, Welcome1, 12345678, and Aa123456. The addition of Welcome1 could signal that many employees are given such weak temporary passwords to start but arent forced to change them. Otherwise, most of the top 10 used either a string of common numbers or some variation of the word password. More
