Most people (not you, though – we know you’re smart) chose bad passwords online, and no amount of pleading – or hacking – seems to encourage them to change. So, Microsoft has decided to take a more pro-active approach to make its users protect their accounts by dynamically banning bad passwords.
Microsoft has detailed its strategy of “dynamically banning commonly used passwords” in a new post on its Enterprise Mobility and Security Blog.
“When it comes to big breach lists, cybercriminals and the Azure AD Identity Protection team have something in common – we both analyze the passwords that are being used most commonly,” writes Microsoft’s Alex Simons. “Bad guys use this data to inform their attacks – whether building a rainbow table or trying to brute force accounts by trying popular passwords against them. What *we* do with the data is prevent you from having a password anywhere near the current attack list, so those attacks won’t work.”
The passwords that Microsoft is banning are determined using its own database of frequently hacked passwords, which is updated and deployed dynamically. If a Microsoft account user tries to set their password as one listed in this database it will not be accepted, and a message will tell the user to “Choose a password that’s harder for people to guess.”
Microsoft’s dynamic password ban applies to accounts for Xbox, Outlook/Live, and OneDrive, amongst others.
Very good decision. It’s amazing how many people still choose retarded passwords:
https://www.leakedsource.com/blog/linkedin#passwords (750 000+ people choose 123456 for linkedin account??)