Recent Trends in Password List Attacks and Countermeasures

Password list attacks are on the rise worldwide. They are more sophisticated than the typical brute force attack or dictionary attack.

What is a password list attack?

In a password list attack, the attacker tries to log in illegitimately through the normal login route, using a list of valid ID and password pairs obtained from somewhere else before the attack. Because each ID sees only a small number of login attempts, it is often difficult to distinguish this kind of attack from legitimate access.

If users reuse a password on multiple sites, there is a real danger that a password stolen from one site will be used to gain access to other sites. For this reason we recommend using a different ID and password combination on each site.

Moreover, it is time to consider additional security measures, such as 2-step verification, on web application servers.

From the attacker's viewpoint, a dictionary attack, which tries a range of words and passwords believed to be in common use, is more efficient than a brute force attack that simply tries passwords at random. Further still, a list of correct IDs and passwords, given how easily it grants access, is like a magic item.

It is also thought that the lists used in dictionary attacks are generally built from publicly available information.

Conversely, if we consult such a password list in advance and prevent users from setting a frequently used password, that should make a good system for protecting against these attacks.

A well-known list-providing service

Here we introduce a well-known service that provides such lists.


– Provides a general-purpose password list of the kind attackers use
– Provides the list as both a paid and a free service

I tried downloading the free version of the list.

When you unzip password.gz you will see a file called "password.lst". Opening it in a text viewer shows "Last update: 2011/11/20 (3546 entries)", so it seems the free version has not been updated for a long time. The passwords are listed in order of appearance, and I was a little surprised to find the password I usually use among them.

Here is the most frequently used password Top20 (the rows for ranks 1, 11 and 21 did not survive on this page):

Rank  Password      Rank  Password      Rank  Password
2     12345         12    qwerty        22    canada
3     password      13    money         23    hello
4     password1     14    carmen
5     123456789     15    mickey
6     12345678      16    secret
7     1234567890    17    summer
8     abc123        18    internet
9     computer      19    a1b2c3
10    tigger        20    123

Attackers typically feed such a list into a tool like THC-Hydra or Medusa. We will not explain how to use these tools here. In any case, if attackers use these tools and you can detect their access, you can defend against the attack.
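The two defensive ideas above, checking a new password against a password.lst-style list and telling a password list attack (many IDs, one or two tries each, from one source) apart from a brute force attack (many tries on one ID), as an added Python example that is not part of the original article. The list contents, the log format and the thresholds are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed stand-in for a password.lst-style file (not the real download).
SAMPLE_PASSWORD_LIST = """\
12345
password
qwerty
"""
# Constructed auth-log lines in a made-up format: source IP, user ID, result.
SAMPLE_LOG = """\
src=203.0.113.5 user=alice result=FAIL
src=203.0.113.5 user=bob result=FAIL
src=203.0.113.5 user=carol result=FAIL
src=203.0.113.5 user=dave result=FAIL
src=198.51.100.7 user=bob result=FAIL
src=198.51.100.7 user=bob result=FAIL
src=198.51.100.7 user=bob result=FAIL
src=198.51.100.7 user=bob result=FAIL
src=192.0.2.9 user=alice result=FAIL
src=192.0.2.9 user=alice result=OK
"""
LOG_RE = re.compile(r"src=(\S+) user=(\S+) result=(\w+)")

def load_password_list(text):
    # One password per line; blank lines and '#' comments are skipped.
    return {ln.strip().lower() for ln in text.splitlines()
            if ln.strip() and not ln.startswith("#")}

def is_weak_password(candidate, listed, min_len=8):
    """True if too short or on the list (case-insensitive, to catch variants)."""
    return len(candidate) < min_len or candidate.lower() in listed

def verdict_for(users, min_events, max_per_user):
    if sum(users.values()) < min_events:
        return "normal"
    if len(users) >= min_events and max(users.values()) <= max_per_user:
        return "password-list"   # many IDs, few tries each
    return "brute-force"         # many tries on few IDs

def classify_sources(log_text, min_events=4, max_per_user=2):
    """Group failed logins by source IP; per-ID counts alone look normal here."""
    per_src = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if m and m.group(3) == "FAIL":
            per_src[m.group(1)][m.group(2)] += 1
    return {src: verdict_for(u, min_events, max_per_user)
            for src, u in per_src.items()}
```

Grouping by source rather than by ID is what makes the list attack visible; in production the grouping key could also be a device fingerprint or session token.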

We recommend cloud-based bot attack detection to detect the use of the above tools and defend against the attack.

Today we introduce CDNetworks' "Cloud Security Bot Manager."

CDNetworks offers you Cloud Security “Bot Shield”

CDNetworks offers "Bot Shield," a cloud-based bot countermeasure that detects and blocks the recently increasing cyber-attacks.

Bot Shield is a cloud bot countermeasure integrated with the global CDN platform. It is equipped with multiple features that detect and block the increasing bot-driven cyber-attacks before they succeed, strengthen web security, and provide high-performance, highly available web delivery. It also helps detect unknown (zero-day) attacks by bots, protects your website from a wide variety of attacks, and improves the user experience by keeping the service consistent.

With Bot Shield you can configure 5 defense levels to detect and block bad bots: "IP rate limiting", "Javascript Challenge", "Capture", "DFC (Device finger print Challenge)", and "HIC".

Learn more about CDNetworks Bot Shield