Atualizado: fevereiro de 2026
Top 100 Usernames SSH Atacados
Os nomes de usuario mais utilizados em ataques de forca bruta SSH. Evite usar nomes de usuario previsiveis.
| # | Username | Tentativas | IPs |
|---|---|---|---|
| 1 | root | 8890 | 535 |
| 2 | admin | 2517 | 256 |
| 3 | sol | 1794 | 30 |
| 4 | ubuntu | 1639 | 180 |
| 5 | solana | 1563 | 25 |
| 6 | user | 984 | 155 |
| 7 | test | 849 | 134 |
| 8 | postgres | 760 | 95 |
| 9 | oracle | 660 | 76 |
| 10 | solv | 591 | 15 |
| 11 | guest | 448 | 59 |
| 12 | mysql | 392 | 50 |
| 13 | claude | 296 | 241 |
| 14 | 345gs5662d34 | 284 | 179 |
| 15 | git | 249 | 61 |
| 16 | centos | 204 | 27 |
| 17 | hadoop | 184 | 33 |
| 18 | deploy | 181 | 71 |
| 19 | validator | 172 | 15 |
| 20 | administrator | 154 | 47 |
| 21 | ftpuser | 154 | 77 |
| 22 | debian | 150 | 41 |
| 23 | backup | 144 | 24 |
| 24 | node | 139 | 21 |
| 25 | elastic | 128 | 19 |
| 26 | minoxidil4you | 120 | 26 |
| 27 | john | 119 | 16 |
| 28 | www | 118 | 30 |
| 29 | docker | 117 | 18 |
| 30 | zabbix | 117 | 16 |
| 31 | pi | 114 | 24 |
| 32 | dev | 113 | 51 |
| 33 | es | 111 | 18 |
| 34 | developer | 100 | 28 |
| 35 | support | 96 | 25 |
| 36 | apache | 89 | 21 |
| 37 | tomcat | 85 | 19 |
| 38 | minecraft | 82 | 42 |
| 39 | steam | 80 | 38 |
| 40 | ftp | 78 | 24 |
| 41 | jenkins | 78 | 34 |
| 42 | ansible | 75 | 21 |
| 43 | firedancer | 72 | 7 |
| 44 | test1 | 71 | 22 |
| 45 | operator | 68 | 11 |
| 46 | bot | 65 | 25 |
| 47 | user1 | 65 | 54 |
| 48 | gerrit | 65 | 5 |
| 49 | ftptest | 65 | 6 |
| 50 | master | 63 | 8 |
| 51 | elasticsearch | 63 | 17 |
| 52 | nginx | 62 | 17 |
| 53 | raydium | 62 | 6 |
| 54 | nagios | 59 | 22 |
| 55 | dspace | 57 | 8 |
| 56 | ali | 56 | 16 |
| 57 | a | 56 | 21 |
| 58 | sysadmin | 55 | 28 |
| 59 | trader | 54 | 5 |
| 60 | daemon | 53 | 7 |
| 61 | trading | 53 | 5 |
| 62 | lighthouse | 53 | 9 |
| 63 | search | 52 | 3 |
| 64 | ec2-user | 52 | 15 |
| 65 | alex | 52 | 19 |
| 66 | weblogic | 52 | 23 |
| 67 | newuser | 52 | 7 |
| 68 | deployer | 52 | 25 |
| 69 | slv | 48 | 1 |
| 70 | odoo16 | 48 | 5 |
| 71 | testuser | 48 | 33 |
| 72 | solnode | 42 | 1 |
| 73 | info | 41 | 14 |
| 74 | sa | 41 | 11 |
| 75 | ethereum | 39 | 6 |
| 76 | ps | 39 | 3 |
| 77 | svn | 38 | 5 |
| 78 | www-data | 38 | 5 |
| 79 | mapr | 38 | 3 |
| 80 | fedora | 37 | 7 |
| 81 | anonymous | 36 | 9 |
| 82 | server | 36 | 30 |
| 83 | adam | 36 | 11 |
| 84 | ubnt | 35 | 11 |
| 85 | system | 34 | 13 |
| 86 | admin1 | 34 | 12 |
| 87 | jibs | 33 | 3 |
| 88 | 3d | 33 | 3 |
| 89 | app | 32 | 18 |
| 90 | minima | 31 | 5 |
| 91 | ops | 31 | 7 |
| 92 | aaa | 30 | 10 |
| 93 | redis | 27 | 7 |
| 94 | vagrant | 27 | 8 |
| 95 | webadmin | 27 | 15 |
| 96 | ssh | 26 | 6 |
| 97 | mongodb | 26 | 6 |
| 98 | teamspeak | 26 | 19 |
| 99 | Accept: */* | 26 | 1 |
| 100 | User-Agent: python-requests/2.27.1 | 26 | 1 |
RECOMENDACOES
- •Desabilite o login de root via SSH
- •Use nomes de usuario unicos e imprevisiveis
- •Implemente autenticacao por chave publica
- •Configure fail2ban para bloquear IPs