Home Microsoft Microsoft Found 44M Accounts Using Breached Passwords

Microsoft Found 44M Accounts Using Breached Passwords

Microsoft has discovered that 44 million user accounts are using usernames and passwords that have been leaked through different kind of security breaches.

A report from ZDNet says that the vulnerable account logins were discovered when Microsoft’s threat research team carried out a scan of all Microsoft accounts between January and March this year. The accounts were compared to a database of over three billion sets of leaked credentials and resulted in 44 million matches.

These accounts were spread between regular user accounts used by consumers (Microsoft Services Accounts) and enterprise accounts in the form of Microsoft Azure AD logins. In response, Microsoft explained, “For the leaked credentials for which we found a match, we force a password reset. No additional action is required on the consumer side … On the enterprise side, Microsoft will elevate the user risk and alert the administrator so that a credential reset can be enforced.”

Microsoft recommend that, “Given the frequency of passwords being reused by multiple individuals, it is critical to back your password with some form of strong credential. Multi-Factor Authentication (MFA) is an important security mechanism that can dramatically improve your security posture. Our numbers show that 99.9% of identity attacks have been thwarted by turning on MFA.”

Picking a password is always a trade-off between what’s memorable and what’s strong, which is why using a password manager makes so much sense. But we have another problem: security breaches expose passwords and they shouldn’t be used by anyone.

While Microsoft did the right thing resetting the passwords on these account, it currently can’t stop a user selecting a new password that’s also been exposed as part of a past security breach. A positive next move would be to perform a check when a password is entered to see if it appears on a breach list, and if it is, to reject it and request the user pick something else.

Source: pcmag.com

Richard Sabinohttp://itspecialistdr.com
I like to share Information Technology News and how-to tips with all the people around me. I created this blog to reach the most people I can.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Must Read

Microsoft Azure Virtual Training Day: Fundamentals

(adsbygoogle = window.adsbygoogle || ).push({}); Today we're...

Eliminate background noise from conference calls with Krisp for free

Krisp is an AI-powered filter that virtually eliminates background noise, letting your work-from-home experience be a little more pleasant and professional.

Microsoft is offering free certification voucher

(adsbygoogle = window.adsbygoogle || ).push({}); If you have been desiring to...

How to share your Calendar in Outlook with someone else

(adsbygoogle = window.adsbygoogle || ).push({}); Have you ever been struggling in...

A San Francisco church file a lawsuit against Zoom claiming the company is failing to protect users

An online Bible study session has been victim of Zoom-bombing which led this San Francisco Church to file a lawsuit against Zoom...

Google removed 813 creepware apps from the Android Play Store

(adsbygoogle = window.adsbygoogle || ).push({}); NortonLifeLock and researchers from the New...

Microsoft stopped the release of Windows 10 32-Bit Build for new PC

(adsbygoogle = window.adsbygoogle || ).push({}); There are signals that Microsoft is...