Protect yourself from automated attacks by not using five user IDs.
These five user IDs comprised 99.73% of the automated login attacks.
We recently developed a new, secure way to login to Linux servers. Dubbed Sekur SSH, it eliminates passwords with a 3-Factor Authentication process.
Excited about the theoretical security model, we decided to put it to a real-life test – an unprotected server directly accessible from the internet. No firewalls, no protection other than Sekur SSH.
It only took a minute or two before the automated login attacks started. In our first day, we received over 35,000 automated attacks. To ensure that we were not favoring a particular flavor of Linux, we added additional unprotected servers, covering Redhat, Centos, Ubuntu and Debian.
In this study, our servers received over one million login attempts. Used in 99.73% of automated attacks, these five user IDs should not be used, to protect yourself against data breaches.
User IDs to Avoid:
The good news for Sekur SSH is that none of the one million plus attacks were successful, because if you don’t have a password, it can’t be stolen or guessed, and you can't get in.
If you’d like more information about this study or join the free beta program for Sekur SSH, please contact me at info @ sekur.co.