Changes and explanations for passwords from Microsoft

If you want to use some of Microsoft and try to create an account, the company will not allow you to use a commonly encountered security code.

The same approach is in preview for Azure Active Directory users, and over the next few months will roll out to other of Microsoft.common passwords Microsoft

What are common passwords?

Alex Weinert, Group Program Manager of Azure AD Identity Protection, explained he decided which passwords are too common.

His team created an automated system powered by user names and passwords that have been stolen by other companies and organizations, leaked online or offered for sale, and a list of user names and passwords recorded on top of 10 millions of brute force attacks that are made every day in the company's systems (it's a constantly updated list).

Based on these , the system recognizes which passwords are repeated most often, and blocks the selection of such passwords.

Additional security options

Interestingly, when Microsoft asks users to choose a password, it makes it with a unique requirement to have from 8 characters and up.

The company chose not to ask for larger codes or enriched with symbol characters to add complexity, and advises IT administrators not to force users to periodically reset their account passwords.

Why

Because users according to the company react in a predictable way when confronted with similar constraints.

From a previous survey, Microsoft discovered that:

  • In additional and mandatory password requirements, customers typically use repeating patterns (eg passwordpassword), choosing to write their passwords twice.
  • Complexity requirements in passwords lead to identical ones passwords that use e.g. a first capital letter, a symbol in the last, and a number in the last two, which makes them vulnerable to brute-force attacks.
  • The obligatory temporary reset of passwords results in the selection of previous passwords, ie the passwords are "updated" to older ones.

More password management recommendations for users and administrators are provided in the White Paper below. You'll also find tips on how to choose a good (strong and unique) password, as well as other practices to keep your data safe .

Microsoft Password Guidance (PDF)

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.082 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).