A Clark School study at the University of Maryland found a near-constant rate of hacker attacks on computers with Internet access (every 39 seconds on average), and non-secure usernames and passwords give attackers more chance of success.
“Brute force” hackers use simple software-aided techniques to randomly attack large numbers of computers. The vast majority of attacks came from relatively unsophisticated hackers using “dictionary scripts,” a type of software that runs through lists of common usernames and passwords attempting to break into a computer.
Top usernames in the hackers’ scripts were “test,” “guest,” “info,” “adm,” “mysql,” “user,” “administrator” and “oracle,” so avoid using these. The most common password-guessing ploy is to re-enter the username or to try variations of it. Some 43 percent of all password-guessing attempts simply re-entered the username. The username followed by “123” was the second most-tried choice.
A password should never be identical or even related to its associated username.
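As an added example (not code from the study), a credential audit can flag the usernames listed above and reject passwords that repeat or vary the username. The function names, the character-substitution table and the reversed-username check are assumptions made for this sketch.

```python
import re

# Usernames the study reports as most often tried by the attackers' scripts.
TARGETED_USERNAMES = {"test", "guest", "info", "adm", "mysql", "user",
                      "administrator", "oracle"}

# Constructed substitution table (an assumption, not from the study) used to
# undo common character swaps such as "0" for "o".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def _norm(s):
    """Lower-case and keep only letters and digits."""
    return re.sub(r"[^a-z0-9]", "", s.lower())


def username_password_issue(username, password):
    """Return a reason string if the password is identical or related to the
    username, otherwise None."""
    u, p = _norm(username), _norm(password)
    if not u:
        return None
    if p == u:
        return "identical to username"
    if p.startswith(u) and p[len(u):].isdigit():
        return "username followed by digits"
    if p == u[::-1]:
        return "username reversed"
    if u in p or u in _norm(password.lower().translate(LEET)):
        return "contains username"
    return None


def audit(accounts):
    """Check (username, candidate_password) pairs; return (username, finding)."""
    findings = []
    for user, pw in accounts:
        if user.lower() in TARGETED_USERNAMES:
            findings.append((user, "commonly targeted username"))
        issue = username_password_issue(user, pw)
        if issue:
            findings.append((user, issue))
    return findings
```

Run the check when a password is set or changed, while the plaintext is still available; stored hashes cannot be compared against the username this way.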
The hackers’ most common sequence of actions is to check the accessed computer’s software configuration, change the password, check the hardware and/or software configuration again, download a file, install the downloaded program, and then run it.
http://www.eng.umd.edu/html/news/news_story.php?id=1881