Are Default Passwords Hiding in Your Active Directory? Here's how to check

1 year ago 139

One of the biggest cybersecurity mistakes an organization can make is failing to change a default password. Consider, for example, what might happen if a home user never changed the default password on their Wi-Fi router.

A cybercriminal could perform a simple web search to find the router manufacturer's default password and then log into the router. From there, the criminal could change the router's password, effectively locking its owner out.

The problem, as this example illustrates, is that default passwords are well documented and easy to exploit, both in the home and in the enterprise. In fact, many password spraying attacks specifically target default passwords.

Atlassian's Confluence is a web-based collaborative workspace. Alongside the main Confluence app, Atlassian also makes a supporting app called Questions for Confluence. This app, which has been downloaded thousands of times, automatically creates a user account (named disabledsystemuser) with a hardcoded password, intended to facilitate migrating customer data from the app to Confluence Cloud.

Unfortunately, the hardcoded username and password were discovered and posted publicly. Because the account is an ordinary Confluence user, anyone who knows the credentials can log in remotely and view or edit any page that is not explicitly restricted.

Worse still, uninstalling the Questions for Confluence app does not fix the problem, because the account and its password remain in place even after the app has been removed.

Atlassian has released fixed versions of the app, but because the account can outlive the app, it also asks affected customers to disable or delete the account named disabledsystemuser and to check whether that account has ever logged in: a last-login time on an account nobody should be using is evidence of exploitation.

Even though this particular incident was specific to Atlassian, it underscores the dangers posed by default passwords.

Are default passwords inevitable?

Unfortunately, default passwords can be tough to avoid. Every organization uses them in at least some capacity. Think about your own organization and the process that you currently have in place for creating new user accounts. Chances are that those accounts are initially assigned a default password that must be changed the first time that a user logs in.

The problem with this is that there may be accounts lurking within your Active Directory that were created but never used. Imagine what might happen if a new employee were hired but never showed up (a relatively common occurrence). An account might already have been created for the employee, and unless the organization has a policy in place for removing it, the account might exist indefinitely, still carrying the default password.
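The situation described above can be enumerated directly from Active Directory. The following PowerShell is an added example (not code from the article or from Specops) that lists accounts which were created more than a set number of days ago, have never authenticated, and still carry their initial password state. It assumes the RSAT ActiveDirectory module is installed, that the caller can read the domain, and that provisioning either sets "User must change password at next logon" (pwdLastSet = 0) or at least never rotates the password after creation; the cutoff of 30 days is an arbitrary choice.

```powershell
# Added example, not part of the original article. Assumes the ActiveDirectory
# RSAT module; the 30-day cutoff is an assumption you should tune to your
# onboarding lead time so that brand-new hires who simply have not started
# yet are not flagged.
Import-Module ActiveDirectory

$staleAfterDays = 30
# LDAP generalized-time format for the whenCreated comparison
$cutoff = (Get-Date).AddDays(-$staleAfterDays).ToUniversalTime().ToString('yyyyMMddHHmmss.0Z')

# Candidates: user objects created before the cutoff that have no
# lastLogonTimestamp at all. That attribute is replicated domain-wide but only
# refreshed when it is more than ~14 days stale, so "absent" reliably means
# "never logged on", while a present value may be up to two weeks out of date.
$ldap = "(&(objectCategory=person)(objectClass=user)(!(lastLogonTimestamp=*))(whenCreated<=$cutoff))"

$never = Get-ADUser -LDAPFilter $ldap -Properties whenCreated, PasswordLastSet, LastLogonDate

$suspects = foreach ($u in $never) {
    # PasswordLastSet is $null when pwdLastSet = 0, i.e. the "must change at
    # next logon" flag from account creation is still set. A password set
    # within a few minutes of creation and never touched since is the other
    # common shape of an untouched provisioning default.
    $state = if ($null -eq $u.PasswordLastSet) {
        'MustChangeAtNextLogon'
    } elseif (($u.PasswordLastSet - $u.whenCreated).TotalMinutes -lt 5) {
        'NeverRotatedSinceCreation'
    } else {
        'ChangedButNeverLoggedOn'
    }

    [pscustomobject]@{
        SamAccountName  = $u.SamAccountName
        Enabled         = $u.Enabled
        Created         = $u.whenCreated
        AgeDays         = [int]((Get-Date) - $u.whenCreated).TotalDays
        PasswordState   = $state
    }
}

$suspects | Sort-Object Created | Format-Table -AutoSize

# Follow-up: disable rather than delete, so the decision can be reversed.
# Remove -WhatIf once the list has been reviewed.
$suspects | Where-Object { $_.Enabled -and $_.PasswordState -ne 'ChangedButNeverLoggedOn' } |
    ForEach-Object { Disable-ADAccount -Identity $_.SamAccountName -WhatIf }
```

The LDAP filter does the heavy lifting on the domain controller, so this scales to large directories. If you need an exact never-logged-on answer rather than the replicated approximation, query the non-replicated lastLogon attribute on every domain controller and take the maximum; the classification logic above is unchanged.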

Tracking down irrelevant default passwords

The question is, how can you track down default passwords in Active Directory once they have outlived their purpose? One of the best options is to use a free, read-only tool called Specops Password Auditor.

Although this tool does not crack passwords, it can report which of your users share the same password. Active Directory stores NT hashes, which are unsalted, so two accounts with identical hashes have identical passwords and can be matched without cracking anything. That being the case, you could create a new account with your provisioning default password and then run the report: every other account that shares a password with the one you just created is still sitting on the default.

Incidentally, this report is also good for finding service accounts that share a password, or admins who use the same password for both their privileged and unprivileged accounts.
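The duplicate-password check from the two paragraphs above can also be scripted. The PowerShell below is an added example, not code from the article or from Specops. It assumes the open-source DSInternals module (Get-ADReplAccount and ConvertTo-NTHash) is installed and that the caller holds the "Replicating Directory Changes" rights needed to read password hashes over the replication protocol. The vendor default list and the domain controller name are constructed placeholders. Everything is read-only: hashes are compared, never cracked, and the comparison works because NT hashes are unsalted.

```powershell
# Added example, not part of the original article. Assumes the DSInternals
# module and replication rights on the domain. $dc and $vendorDefaults are
# placeholders to replace with your own domain controller and list.
Import-Module DSInternals

$dc = 'dc01.corp.example'

# Constructed sample list: your own provisioning default plus a few vendor
# defaults. Replace with the defaults that actually ship with your hardware
# and software. Creating a throwaway account with the default password, as
# the article suggests, is simply another way to obtain the same hash.
$vendorDefaults = @('Welcome1', 'P@ssw0rd', 'Password1', 'changeme', 'admin')

# Pre-compute the NT hash of every candidate so the lookup is O(1) per account.
$defaultHashes = @{}
foreach ($pw in $vendorDefaults) {
    $secure = ConvertTo-SecureString -String $pw -AsPlainText -Force
    $hex = (ConvertTo-NTHash -Password $secure).ToLowerInvariant()
    $defaultHashes[$hex] = $pw
}

# Pull every account's NT hash once. Computer accounts (trailing $) have
# random machine passwords and are excluded to keep the duplicate report clean.
$rows = Get-ADReplAccount -All -Server $dc |
    Where-Object { $_.NTHash -and $_.SamAccountName -notlike '*$' } |
    ForEach-Object {
        [pscustomobject]@{
            SamAccountName = $_.SamAccountName
            Enabled        = $_.Enabled
            NTHashHex      = (($_.NTHash | ForEach-Object { $_.ToString('x2') }) -join '')
        }
    }

# 1. Accounts whose current password is one of the known defaults.
'--- Accounts still using a known default password ---'
$rows | Where-Object { $defaultHashes.ContainsKey($_.NTHashHex) } |
    Select-Object SamAccountName, Enabled,
        @{ Name = 'DefaultPassword'; Expression = { $defaultHashes[$_.NTHashHex] } } |
    Format-Table -AutoSize

# 2. Any group of accounts sharing a hash shares a password. This surfaces
#    service accounts with identical passwords and admins who reuse their
#    unprivileged password on a privileged account, without knowing the
#    password itself.
'--- Groups of accounts sharing one password ---'
$rows | Group-Object NTHashHex | Where-Object { $_.Count -gt 1 } |
    Sort-Object Count -Descending |
    Select-Object Count,
        @{ Name = 'Accounts'; Expression = { ($_.Group.SamAccountName | Sort-Object) -join ', ' } } |
    Format-Table -AutoSize
```

Treat the output of this script as credential material: it contains live hashes, so run it from a privileged admin workstation and do not write the results to a shared location. The same two comparisons can be run offline against a pwdump-style export (user:rid:lmhash:nthash:::) if hashes have already been extracted by other means.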

It is worth noting that Specops Password Auditor can do much more than just checking for default passwords. You can also use it to locate users who have not changed their passwords for an extended period of time (which may indicate that the account has been abandoned).

Likewise, you can check for things like expired passwords, blank passwords, or passwords that appear in lists of known-compromised credentials.

Prevent the use of third-party default passwords in your Active Directory

The other thing that you should be doing is making sure that no vendor default passwords exist within your Active Directory environments. One of the best options for preventing such passwords is to use Specops Password Policy, which allows you to create a custom list of banned passwords.

You can then populate this list with the passwords that hardware and software vendors ship by default, along with your own provisioning default. That way, if anyone tries to set one of these passwords, they will be prevented from doing so.

You can test out Specops Password Policy in your Active Directory for free, anytime.

Sponsored by Specops
