Weak passwords were responsible for 31% of intrusions investigated in 2013

Study: 2014 Trustwave Global Security Report
Date: May 2014

Popular methods of intrusion for the 2013 breaches investigated by Trustwave:
  • 31%
  • Weak passwords*
  • 25%
  • Unknown**
  • 12%
  • File upload flaw
  • 10%
  • Vulnerable off-the-shelf software***
  • 8%
  • SQL injection
  • 6%
  • Phishing
  • 4%
  • Authorization flaw
  • 4%
  • Remote file inclusion, physical access, or directory traversal

    * - Includes passwords from VPN, SSH, remote desktop, application administration, etc. ** - Insufficient evidence to determine the mechanism of intrusion (due to poor logging practices or an attacker adept at covering their tracks) *** - Includes unpatched software and zero day attacks




    <-- Back to Authentication Statistic Index





    [Home] [About Us] [News] [Research]

    Copyright © 2017 PasswordResearch.com