Microsoft Bans Simple Passwords On All Its Accounts

Microsoft account holders are being forced to upgrade their passwords, after the company announced a ban for all simple or commonly used login credentials

The move comes after a hacker placed 117 million LinkedIn account details including names, emails and passwords up for sale, forcing the professional business social network to invalidate affected passwords.

Password Complexity

Poor passwords have long been the bane of security professionals, and now the Microsoft Identity Division has forced users to use more complex passwords to better protect their Microsoft accounts.

The company said that has already activated this feature for regular Microsoft Account users and is holding a limited private preview for Microsoft Azure Active Directory services.

It has banned the use of easy-to-guess passwords (such as password or 12345678) on Hotmail, ever since 2011.

Read More: to find out the top five password security tips for businesses.

“The most important thing to keep in mind when selecting a password is to choose one that is unique, and therefore hard to guess,” said Alex Weinert, Group Program Manager of Azure AD Identity Protection team. “We help you do this in the Microsoft Account and Azure AD system by dynamically banning commonly used passwords.”

He pointed that Microsoft is seeing more than 10 million accounts attacked daily.

“So we have a lot of data about which passwords are in play in those attacks,” he wrote. “We use this data to maintain a dynamically updated banned password list.”

Long Campaign

Microsoft has been trying hard to improve user authentication for a while now. Last year it announced certain Windows 10 apps and services would be password free, and would use biometric security instead.

But it is not the only organisation trying to persuade users to utilise more complex passwords. Last year GCHQ, the UK’s top secret surveillance intelligence agency, offered up its advice on how consumers can ensure their passwords are fit for purpose.

And this is because users are pretty bad when it comes to using easy passwords. Research from security firm SplashData for example has shown that the world’s most common passwords are ‘123456’, closely followed by ‘password’. These two passwords have topped the list of bad passwords since the survey began in 2011.

Last June research from security firm Trustwave found that over half of passwords tested could be cracked in less than 24 hours. The firm examined 499,556 hashed passwords gathered during thousands of penetration tests performed throughout last year, found that 51 percent of those could be cracked within 24 hours and 88 percent within two weeks.

Weak passwords are a major factor in many of security breaches, as hackers take advantage of poor controls to hack into company networks.

Even password storing tools may not be a safe alternative, after the password storing site Lastpass was hacked last year.

Are you a security guru? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

4 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

5 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

6 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

8 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

10 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

11 hours ago