Two million VPN passwords stolen by malware, here are the most compromised

In a recent study, Specops Software revealed that more than 2.1 million VPN passwords were compromised in the past year. The company also reveals which VPN provider is most impacted, and it’s not the one you would have expected.


Specops Software is a company specializing in password management and regularly publishes studies and audits on their level of security. Its latest study on the two million VPN passwords compromised by malware reveals, among other things, that these passwords are no more secure than others.


What are the most compromised VPN passwords?

VPNs are sometimes considered the pinnacle of cybersecurity, but in reality, they too are vulnerable to cyberattacks. According to Specops Software, “it is much easier for cybercriminals to target end-user login credentials than to try to hack VPNs themselves”.

Even VPNs with the most reliable security solutions can be heavily impacted. The top 3 most compromised VPN providers are NordVPN, ExpressVPN and, in first position, Proton VPN, and they are affected by more than half of the two million stolen passwords.

Proton VPN is the VPN most affected by credential theft: 1.3 million passwords are compromised.

As for the most compromised passwords, we find the great classics “123456”, “123456789” and “12345678”. The list also includes “protonvpn”, “1111”, “qwerty” (don’t make the same mistake with “azerty”) and even the unforgettable “password”. We find almost the same entries among corporate VPNs, with the famous “admin” and “admin123” at the top.

Top Compromised VPN Passwords/© Specops Software


Securing the identifiers of all your accounts (bank account, social networks, streaming platform, etc.) is more complicated than it seems.

You can create a long password (12 characters or more according to the CNIL), with capital letters, numbers and symbols as well as a mnemonic to remember it. However, you should avoid those that include information about you such as your date of birth or your mother’s maiden name.

It is best to create a unique password for each account and write them down somewhere to remember them. Post-it notes, Word files and mailboxes are strongly discouraged, so what should you do if you have dozens of passwords, to the point where it is impossible to remember them all?

Today, the most reliable solution is the password manager. These programs create and save ultra-complex passwords and automatically enter them when you need to enter credentials. There is no longer any need to make the effort to remember each of your passwords, except that of the manager itself.

Password managers can also work with two-factor authentication or biometric authentication to add an extra layer of security.
