VendorsSpecops Software
Specops Software
Cybersecurity reports and statistics published by Specops Software
8 categories1 reports
Research Reports
Reports and publications from Specops Software
Recent Statistics & Reports
Only 12% of organisations have moved away from using passwords as their primary method of authentication.
1/1/2025•
AuthenticationPassword SecurityOrganizations
Over 31 million of the breached passwords were over 16 characters in length.
1/1/2025•
Password SecurityCredentialsData breach
123456 was the most common compromised password found in a new list of breached cloud application credentials.
1/1/2025•
Password SecurityCredentialsData breach
The most commonly used keyboard walk pattern was “Qwerty,” which appeared over 1 million times in a list of compromised passwords.
1/1/2025•
Password SecurityCredentialsCommon passwords
Simple passwords like Pass@123 and P@ssw0rd, which meet basic Active Directory requirements, are frequently used, increasing the risk of password reuse.
1/1/2025•
Password SecurityActive DirectoryCredentials
45% of organisations who only check for compromised passwords during expiry or reset events average only two checks for compromised passwords per year.
1/1/2025•
Password SecurityBreach DetectionMonitoring
Organisations using SaaS apps have an average of 47,750 passwords to manage.
1/1/2025•
SaaSPassword SecurityManagement
Only 50% of organisations scan for compromised passwords more than once a month.
1/1/2025•
Password SecurityBreach DetectionMonitoring
Keyboard walks such as ‘qwerty’ are weak passwords used by millions of end users.
1/1/2025•
Password SecurityEnd UsersWeak passwords
31.1 million breached passwords were over 16 characters in length.
1/1/2025•
Password SecurityCredentialsData breach
The most common base terms used in breached passwords were “password”, “admin”, and “welcome”.
1/1/2025•
Password SecurityCredentialsCommon passwords
53% of people admit to using the same password across multiple accounts.
1/1/2025•
Password SecurityCredentialsAccount security
The most common length for compromised passwords was 8 characters (212.5 million total).
1/1/2025•
Password SecurityCredentialsLength
After analysing 1.8 million breached administrator credentials, 40,000 admin portal accounts were found to be using ‘admin’ as a password.
1/1/2025•
Password SecurityAdministrator AccountCredentials
88% of organisations still use passwords as their primary method of authentication.
1/1/2025•
AuthenticationPassword SecurityCredentials
83% of compromised passwords satisfied the length and complexity requirements of regulatory password standards.
1/1/2025•
Password SecurityRegulatory ComplianceComplexity
Requiring an Active Directory password length of at least 13 characters would significantly reduce the risk of cloud application password reuse.
1/1/2025•
Password SecurityActive DirectoryCredentials