A Specops report reveals the most common passwords used in RDP attacks, with weak credentials like "123456" and "Password1" frequently targeted. Analyzing NTLMv2 hashes from late 2024 to March 2025, researchers cracked 40% of them, showing that many rely on simple numeric or lowercase passwords. With RDP a prime cyberattack target, Specops recommends using MFA, restricting internet exposure, enforcing strong passwords, and monitoring for compromised credentials to enhance security.

‍