Recently I decided to run a honeypot on a spare server I could get my hands on. I installed some software and let it log some things, just to check what would come by. What astonished me most was the passwords that came by. I always thought that they would simply check a static list and you would get a near-perfect list of passwords that were used over and over. I found out they are actually quite different every time.
In total I saw 1561 different passwords in 100 captured sessions. A lot of the sessions also appear to be hit and run: they log in a few times and try several passwords. Even if they guess the password right, they just run away and are done with it. Not once did they come back, even though 42 sessions hit the jackpot with the password (it’s really simple and it’s not even in the top 10 of most tried passwords).
The top 10 most used passwords are these:
| Nr | Password | Times of occurrence |
I’m still figuring out what I truly learned from this; do people truly use these kinds of passwords? Or are these simple passwords that are just too easy to just try, just because there’s a remote chance someone uses them?
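
As an added example (not the honeypot software or any script used for this post), the figures above can be pulled out of a login-attempt log like this. The JSON-lines layout, the field names and the sample values are constructed assumptions; the code also reports which successful sources never opened a later session and where the accepted password ranks among the tried ones.

```python
import json
from collections import Counter, defaultdict

# Constructed sample; field names (ts, session, src, password, success) are assumptions.
SAMPLE_LOG = """\
{"ts": 100, "session": "a1", "src": "198.51.100.7", "password": "123456", "success": false}
{"ts": 101, "session": "a1", "src": "198.51.100.7", "password": "admin", "success": false}
{"ts": 102, "session": "a1", "src": "198.51.100.7", "password": "letmein", "success": true}
{"ts": 200, "session": "b2", "src": "203.0.113.9", "password": "123456", "success": false}
{"ts": 201, "session": "b2", "src": "203.0.113.9", "password": "root", "success": false}
{"ts": 300, "session": "c3", "src": "192.0.2.44", "password": "letmein", "success": true}
{"ts": 301, "session": "c3", "src": "192.0.2.44", "passw
{"ts": 400, "session": "d4", "src": "192.0.2.44", "password": "123456", "success": false}
"""

def summarize(log_text, top_n=10):
    tried = Counter()     # password -> number of attempts
    winning = set()       # passwords the honeypot accepted
    sessions = {}         # session id -> source, first attempt, first success
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
            sid, src, ts = ev["session"], ev["src"], ev["ts"]
            pw, ok = ev["password"], ev["success"]
        except (json.JSONDecodeError, KeyError, TypeError):
            continue      # skip blank, truncated or malformed lines
        tried[pw] += 1
        s = sessions.setdefault(sid, {"src": src, "first": ts, "won": None})
        s["first"] = min(s["first"], ts)
        if ok:
            winning.add(pw)
            s["won"] = ts if s["won"] is None else min(s["won"], ts)
    starts = defaultdict(list)            # source -> session start times
    for s in sessions.values():
        starts[s["src"]].append(s["first"])
    won = {sid: s for sid, s in sessions.items() if s["won"] is not None}
    ranking = [pw for pw, _ in tried.most_common()]
    return {
        "sessions": len(sessions),
        "distinct_passwords": len(tried),
        "top": tried.most_common(top_n),
        "successful_sessions": sorted(won),
        # successful sessions whose source opened no later session
        "never_returned": sorted(sid for sid, s in won.items()
                                 if not any(t > s["won"] for t in starts[s["src"]])),
        "winning_rank": {pw: ranking.index(pw) + 1 for pw in winning},
    }

if __name__ == "__main__":
    print(json.dumps(summarize(SAMPLE_LOG, top_n=3), indent=2))
```

A source that rotates IP addresses between sessions will still show up as "never returned", so that list is an upper bound.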