Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft May Ban Your Favorite Password (securityweek.com)

Posted by BeauHD on from the 123456 dept.

wiredmikey writes from a report via SecurityWeek.Com: Microsoft is taking a step to better protect users by banning the use of weak and commonly-used passwords across its services. Microsoft has announced that it is dynamically banning common passwords from Microsoft Account and Azure Active Directory (AD) system. In addition to banning commonly used passwords to improve user account safety, Microsoft has implemented a feature called smart password lockout, meant to add an extra level of protection when an account is attacked. [Alex Weinert, Group Program Manager of Azure AD Identity Protection team explains in a blog post that] Microsoft is seeing more than 10 million accounts being attacked each day, and that this data is used to dynamically update the list of banned passwords. This list is then used to prevent people from choosing a common or similar password. Microsoft's new feature comes after last week's leak of 117 million LinkedIn credentials.

4 of 232 comments (clear)

  1. Re:If by JustAnotherOldGuy · · Score: 3, Interesting

    Obviously Microsoft knows what's best for us, regardless of what we want.

    Maybe I *want* to use a weak password, what business is it of theirs to tell me I can't? If they want to warn me that I have a weak password, fine. But to prevent me from using it? That's just bullshit.

    Microsoft is continually tightening it's grip on its customers freedom to do what they want, so I guess this really shouldn't come as a surprise.

    --
    Just cruising through this digital world at 33 1/3 rpm...
  2. Re:If by Jeremi · · Score: 3, Interesting

    If you ban common passwords. Then you end up with a new set of common passwords.

    Is there any evidence that the above assertion is true?

    --


    I don't care if it's 90,000 hectares. That lake was not my doing.
  3. Microsoft Account = PC by SeaFox · · Score: 1, Interesting

    With Microsoft doing their best to get people to use Microsoft Accounts on their Windows installs, that means people will soon be required to get approval from Redmond for the password they use to get into their own in PC in their own home.

  4. Re:If by Darinbob · · Score: 3, Interesting

    You can honestly not think of any reason why a strong password is not always required? I can think of reasons why jumping into a pool while wearing full platemail might be necessary (it's scene 23 in my movie script). I don't even have a password on my home computer, but then again no one breaking in remotely is going to be blocked by a Windows login screen either. They can break in locally of course but if that happens I have more serious matters to deal with than that they'll be able to look at some photos before wiping the drive and reselling it.