The Specops 2025 Breached Password Report reveals that over 1 billion passwords were stolen by malware in the past year, exposing persistent weaknesses in password security practices. Despite meeting complexity requirements, 230 million stolen passwords were compromised, and weak passwords like "123456" and "admin" remain common, highlighting a lack of user education. Credential-stealing malware like Redline, Vidar, and Raccoon Stealer are driving these breaches, exploiting vulnerabilities across platforms and benefiting from the "malware-as-a-service" model. Reusing passwords across accounts increases the risk of compromise, enabling attackers to access sensitive systems and data. To combat these threats, experts emphasize the importance of stronger password policies, frequent Active Directory scans, user education, and Multi-Factor Authentication (MFA) to mitigate risks effectively. Continue here.
