After analysing 1.8 million breached administrator credentials, 40,000 admin portal accounts were found to be using ‘admin’ as a password.