In what should ring alarm bells, "123456" was the most attempted login password in the Mumbai cloud server honeypot.

A honeypot is a system intended to mimic likely targets of cyberattackers so that security researchers can monitor cybercriminal behaviours.

Sophos, a global leader in network and endpoint security, recently announced the findings of its report, "Exposed: Cyber attacks on Cloud Honeypots", which said the honeypot saw more than 1,376 login attempts by cyberattackers within a span of 30 days.

The findings were released on World Password day on May 2.

The honeypots were set up in 10 of the most popular Amazon Web Services (AWS) data centres in the world, including California, Frankfurt, Ireland, London, Mumbai, Ohio, Paris, Sao Paulo, Singapore, and Sydney over a 30-day period.

“Passwords are an important aspect of computer security - they are the front line of protection for user accounts in a very wide variety of services and systems. Unfortunately, people are not changing factory default passwords, which cybercriminals are counting on to carry out their attacks. Building strong, unique passwords and using a password manager to keep track of them is a best security practice everyone should use in this digital age,” said Sunil Sharma, managing director sales, Sophos India & SAARC.

Sophos recommended users to enable multi-factor authentication wherever possible. This adds an additional layer of protection against someone trying to access personal accounts.

It also advised the use of complex passcodes for email addresses and social media accounts that need to be secure.