Microsoft to ban ‘easy’ passwords to improve security

Jun 1, 2016 | Regulation

Microsoft is tightening password security by banning easy passwords, such as ‘123456’, following recent high-profile security breaches.


The move follows revelations about the recent LinkedIn data hack, which showed that the most popular passwords people used were “123456” and “linkedin,” while previous research has shown that “password”, “qwerty” and “football” are also amongst the top 10 passwords used.
According to Alex Weinert from Microsoft’s Identity Protection Team, Microsoft fends off attacks on 10 million accounts on a daily basis and has been collecting all the passwords guessed by hackers.
“We analyse the passwords that are being used most commonly. Bad guys use this data to inform their attacks,” he wrote. “What *we* do with the data is prevent you from having a password anywhere near the current attack list, so those attacks won’t work.”
Commenting on the move, Richard Lack, Director of Sales – EMEA, Gigya, said: “Consumers tell us that they are struggling to remember what is now an average of over 100 passwords in Europe. At a time when the number of devices we own is rising sharply, this frustration has relegated the registration process to being the most broken thing about the internet. The future lies in methods of authentication without passwords, which consumers clearly favour, both in terms of convenience and enhanced security.
“Biometric authentication is a powerful enabler, allowing businesses smart enough to deploy it to significantly increase rates of registration, gaining data and insight about their customers, while also increasing customer security. This is a win/win scenario which sounds the death-knell for awkward and insecure passwords sooner than we may imagine.”
Patrick Salyer, CEO at Gigya, said: “Within the next 10 years, traditional passwords will be dead as an authentication form. Consumer-focused brands require modern customer identity management infrastructures that support newer, more secure authentication methods, such as biometrics. Businesses that are already using advanced authentication methods demonstrate increased customer registration and engagement while enjoying greater login convenience and security.”