https://rqms.co.uk/blog/ Welcome to my blog Articulate, blogging built on Umbraco 1267 https://rqms.co.uk/archive/44-million-microsoft-customers-found-using-compromised-passwords/ <p>The 44 million weak accounts comprised both Microsoft Services Accounts (regular users) and Azure AD accounts too, suggesting businesses are not adopting proper password hygiene.</p> <div class="polaris__simple-grid--main"> <p>A total of three billion user credentials were checked in a database populated from numerous sources including law enforcement and public databases.</p> <p>Using the data set of three billion credentials, Microsoft was able to identify the number of users who were resuing credentials across multiple online services.</p> </div> <div class="polaris__simple-grid--main"> <p>Microsoft forced a password reset for all of those users who were found to have leaked credentials during the scan which took place between January and March 2019.</p> <p>"On the enterprise side, Microsoft will elevate the user risk and alert the administrator so that a credential reset can be enforced," the company<span> </span><a rel="noopener" href="https://www.microsoft.com/securityinsights/identity" target="_blank" class="polaris__link -is-external">said</a>.</p> <p>Microsoft also said if users are going to reuse login credentials across different services, enabling a form of<span> </span><a href="https://www.itpro.co.uk/security/29982/what-is-two-factor-authentication" class="polaris__link">multi-factor authentication (MFA)</a><span> </span>is imperative.</p> <p>"MFA is an important security mechanism that can dramatically improve your security posture," it said. "Our numbers show that 99.9% of identity attacks have been thwarted by turning on MFA."</p> </div> Fri, 06 Dec 2019 12:00:00 Z 2019-12-06T12:00:00Z