A recent blog post from Microsoft highlights the relative frequence of security breaches, password hacks, and username theft in recent years, hoping to provide some valuable information to prevent these types of hacks on Azure.
In one of the most recent posts from The Fire Hose: Microsoft’s Security Blog highlights the importance of keeping your business or personal information safe. More and more people are receiving malicious password requests or suffering due to hacks; so Robyn Hicock and Alex Weinert (from Microsoft’s ID protection team) highlighted some of the best ways to use Azure AD and Microsoft Account Services to help protect some of your most valuable resources.
Over 117 Millions of Credentials Were Leaked from LinkedIn. Don’t Let It Happen to You
According to Microsoft, over 117M usernames and passwords were sold over the internet in the last few weeks- but it doesn’t have to be like that. There are a few solid steps that you can take that ensure that your websites, passwords, and usernames are always safe and secure. They also highlighted several common beliefs that actually make passwords easier to crack, like:
- Password length requirements
- Password complexity requirements
- Regular password expiration
Why These Habits Make Passwords Easy to Hack
Humans are pretty predictable when they’re forced to make specific passwords, Google says. To make the most out of your passwords, you should focus on things that Azure AD force users to remember: dynamically banning common passwords and smart password lockout.
It’s pretty common knowledge that most people use the same passwords over and over again. Microsoft and Azure AD dynamically ban commonly used passwords to prevent attacks. Hackers use common passwords to try to force their way through the system, just using passwords that people use all the time. Azure AD requires that users never have any passwords that are regularly on the current attack list, preventing these kinds of attacks from affecting you.
How Many People Try To Attack Accounts Everyday?
On average, Windows sees about 10 million accounts attacked every single day (according to Microsoft Security Incident Reports). This provides them with plenty of research to check out the newest ways that people try to steal accounts. This means that when they think that someone is trying to break into your account, they lock them out. At this point, Microsoft accesses the risk associated with your account, and locks you out for a specific period of time. This might seem annoying, but Microsoft uses this data successfully about 54% of the time to protect your account from being attacked.
You can learn more about password guidance and how Azure HD work here.