Loading
Credential observed in 15,986 sessions across 1 protocol.
The username “-f root” was first observed on 2026-01-24 and last seen on 2026-03-17. It has been used in 15,986 attack sessions across 1 different protocol, making it a frequently targeted credential in our honeypot sensor network.
Attackers use this username during automated brute-force and credential stuffing attacks. To protect your systems, ensure this username is either disabled or secured with a strong, unique password. Monitor login attempts with tools like Fail2Ban and check IPs against the SikkerAPI threat database. For automated protection, use our CLI tool or REST API.