Microsoft: 99.9% of compromised accounts did not use multi-factor authentication

silversurfer

Speaking at the RSA security conference last week, Microsoft engineers said that 99.9% of the compromised accounts they track every month don't use multi-factor authentication, a solution that stops most automated account attacks.

The cloud giant said it tracks more than 30 billion login events per day and more than one billion monthly active users.

Microsoft said that, on average, around 0.5% of all accounts get compromised each month, a number that in January 2020 was about 1.2 million.

While all account hacks are bad, they are worse when the account is for enterprise use. Of these highly-sensitive accounts, only 11% had a multi-factor authentication (MFA) solution enabled, as of January 2020, Microsoft said.

In most cases, the account hacks happen after rather simplistic attacks. The primary source of most hacks of Microsoft accounts was password spraying, a technique during which an attacker picks a common and easy-to-guess password, and goes through a long list of usernames until they get a hit and can access an account using said password.
 

Outpost

It is absurd and irresponsible not to use 2FA. By now almost all web services offer this implementation. It should be mandatory, but at the same time, I find it disconcerting that we must get to the point of making a security function mandatory which instead should be the first voluntary and maturity choice of the end-user.
 

BVLon

It is absurd and irresponsible not to use 2FA. By now almost all web services offer this implementation. It should be mandatory, but at the same time, I find it disconcerting that we must get to the point of making a security function mandatory which instead should be the first voluntary and maturity choice of the end-user.
We are moving to 3-factor now... not using 2F is very irresponsible.
 

Antus67

1.2 million Microsoft accounts got hacked in January 2020
It's not us; it's you! Microsoft engineers said at the RSA conference that for 99.9% of hacked accounts, users did not implement multi-step authentication to provide an additional layer of security to ward off cybercriminals, ZDNet reported.

The Redmond-based tech giant revealed that it tracks more than 30 billion log-in events daily and more than one billion active users monthly. On average, 0.5% of Microsoft accounts get compromised per month. To put that statistic into perspective, that's a whopping 1.2 million accounts every 30 days or so.

"If you have an organization that has 10,000 users, 50 of them are going to be compromised this month," said Alex Weinert, Microsoft's director of identity security.

Weinert zoomed in on Microsoft enterprise accounts, and noted that only 11% enabled a multi-factor authentication solution. Weinert said that multi-step authentication is crucial because it would increase data protection against hackers' preferred method for infiltrating Microsoft accounts, which is password spraying.

Password spraying, according to ZDNet, is "a technique during which an attacker picks a common and easy-to-guess password, and goes through a long list of usernames until they get a hit and can access an account using said password."

Approximately 40% of hacked Microsoft accounts in January were compromised using password spraying.


The second-most common way that Microsoft accounts get hacked is a method called password replays. This is when a hacker snatches leaked credentials from another company and then tries it on a Microsoft account.

Unfortunately, there's a chance that the cybercriminal may find a match.

"We know that 60% of users reuse passwords. It's super common," Weinert said. "Don't be confused. People reuse their enterprise accounts in non-enterprise environments."

The vast majority of password spraying (99%) and password replay attacks (97%) that take place at Microsoft are followed through legacy authentication protocols, including SMTP, IMAP and POP.

"The reason, according to the cloud giant, is that these legacy authentication protocols don't support MFA solutions, making them ideal for hackers," ZDNet wrote.

Companies that disable legacy authentication protocols have seen a 67% reduction in account hacks.

The moral of the story here is clear: Turn on multi-step authentication for your accounts and don't be dependent on one password for all your logins.

Microsoft revealed their findings last week at the RSA security conference, an annual symposium that addresses cybersecurity concerns.
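The password-spraying pattern described in the first post and in the ZDNet quote above (one source trying a common password across many usernames, mostly over legacy protocols) is what a defender would look for in sign-in logs. The following detector is an added example, not code from the thread, from Microsoft or from ZDNet; the log format and the sample lines are constructed for illustration, and the threshold of four distinct usernames is an assumed tuning value.

```python
from collections import defaultdict

# Constructed sample sign-in log (not real data): time, user, source IP, auth protocol, result.
# 203.0.113.10 fails against many different users over IMAP and eventually lands one account,
# which is the spray pattern; 198.51.100.7 is one user mistyping and then succeeding.
SAMPLE_LOG = """\
2020-01-15T08:00:01 alice@example.com 203.0.113.10 IMAP FAIL
2020-01-15T08:00:02 bob@example.com 203.0.113.10 IMAP FAIL
2020-01-15T08:00:03 carol@example.com 203.0.113.10 IMAP FAIL
2020-01-15T08:00:04 dave@example.com 203.0.113.10 IMAP FAIL
2020-01-15T08:00:05 erin@example.com 203.0.113.10 IMAP SUCCESS
2020-01-15T08:01:00 alice@example.com 198.51.100.7 MODERN FAIL
2020-01-15T08:01:30 alice@example.com 198.51.100.7 MODERN SUCCESS
"""

# Protocols the article names as lacking MFA support.
LEGACY_PROTOCOLS = {"SMTP", "IMAP", "POP"}


def parse_log(text):
    """Parse the constructed whitespace-separated log format into event dicts."""
    events = []
    for line in text.strip().splitlines():
        ts, user, ip, proto, result = line.split()
        events.append({"ts": ts, "user": user, "ip": ip, "proto": proto, "result": result})
    return events


def detect_spray(events, min_users=4):
    """Flag source IPs that fail against many distinct usernames (a spray),
    as opposed to one username failing repeatedly (brute force or typos).
    Reports which accounts the source did get into and whether legacy auth was used."""
    failed_users = defaultdict(set)
    succeeded_users = defaultdict(set)
    legacy_use = defaultdict(bool)
    for e in events:
        target = failed_users if e["result"] == "FAIL" else succeeded_users
        target[e["ip"]].add(e["user"])
        if e["proto"] in LEGACY_PROTOCOLS:
            legacy_use[e["ip"]] = True
    alerts = {}
    for ip, users in failed_users.items():
        if len(users) >= min_users:  # assumed threshold; tune per tenant size
            alerts[ip] = {
                "distinct_failed_users": len(users),
                "compromised": sorted(succeeded_users[ip]),
                "legacy_auth": legacy_use[ip],
            }
    return alerts
```

Accounts listed under "compromised" for a flagged source are the ones to reset and enrol in MFA first; a non-empty "legacy_auth" flag points at the protocols the article says to disable.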
 
