An overview of the usage of default passwords

Citation data:

Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, ISSN: 1867-8211, Vol: 216, Page: 195-203

Publication Year:
Usage 232
Downloads 131
Abstract Views 101
Social Media 2
Tweets 2
Repository URL:
Knierem, Brandon; Zhang, Xiaolu; Levine, Philip; Breitinger, Frank; Baggili, Ibrahim
Springer Nature
Computer Science; Default passwords; applications; usage; security; Computer Engineering; Computer Sciences; Electrical and Computer Engineering; Forensic Science and Technology; Information Security
Most Recent Tweet View All Tweets
conference paper description
The recent Mirai botnet attack demonstrated the danger of using default passwords and showed it is still a major problem. In this study we investigated several common applications and their password policies. Specifically, we analyzed if these applications: (1) have default passwords or (2) allow the user to set a weak password (i.e., they do not properly enforce a password policy). Our study shows that default passwords are still a significant problem: 61% of applications inspected initially used a default or blank password. When changing the password, 58% allowed a blank password, 35% allowed a weak password of 1 character.