About 1.2 million Microsoft accounts were compromised in January 2020 alone, and almost all of them could have been secured by activating a single setting. According to Microsoft engineers, 99.9% of the compromised accounts they follow do not use multi-factor authentication. Microsoft discussed account security and the risks of not using multi-factor authentication at the RSA security conference last week (via ZDNet).
During the RSA conference, Microsoft pointed out that it tracks more than 30 billion connection events every day. On average, 0.5% of accounts are hacked, but with more than a billion active users, this means that around 1.2 million accounts were compromised in January alone.
Microsoft highlighted the business risk of not enabling multifactor authentication. Business users often have sensitive data on their systems. Although they often hold sensitive data, only 11% of corporate users activated multi-factor authentication in January 2020, according to Microsoft.
Prepare to broadcast UFC 248 live with an ESPN + subscription
According to Microsoft, password spraying is the most common form of attack to hack Microsoft accounts. This technique takes passwords that are easy to guess and goes through a list of user names until an attacker can access the account.
The second most common attack method is password replay. With this technique, an attacker takes the leaked credentials of another company and tries them with a Microsoft account. It relies on people using the same password on multiple accounts. Lee Walker, an identity and security architect at Microsoft, says that 60% of users reuse passwords. He also adds, “Don’t be confused. People re-use their corporate accounts in non-corporate environments.”
According to Walker, the vast majority of attacks using password spraying and password replay attack older legacy authentication protocols. Specifically, 99% of all password spray attacks and 97% of password replay attacks go through legacy authentication protocols. Indeed, these legacy protocols do not support multi-factor authentication, according to Microsoft. Microsoft says companies that disable legacy authentication protocols see a 67% reduction in compromised accounts.
According to Microsoft, the simplest solution to reduce security risks is to activate multifactor authentication. Microsoft says your account is more than 99.9% less likely to be compromised if you enable multi-factor authentication.
We can earn a commission for purchases using our links. Learn more.
Review: MSI’s Optix MAG272CQR offers 165 Hz refresh rate, QHD resolution
Looking for a new 1440p monitor capable of tracking your powerful gaming equipment? MSI’s Optix MAG272CQR has a lot to offer, including a 165 Hz refresh rate, a 1 ms response time, and an accurate color image.
Rainbow Six Siege Operation Void Edge: Everything We Know
Operation Rainbow Six Siege Void Edge opens year five with new operators, maps, and a ton of gameplay improvements. We have finished everything we know about Ubisoft cryptography next season, before the release date of its PS4, Xbox One and PC.
State of Decay 2: Juggernaut Edition announced for Epic Games Store
In an interesting announcement, Undead Labs confirmed that State of Decay 2: Juggernaut Edition will launch on the Epic Games Store on March 13.
The Super Bowl is finally here. Discover these essential Windows applications
After an excellent regular season and exciting first rounds of the NFL playoffs, the Super Bowl is finally here. Here are the best Windows 10 apps to help you enjoy the great game.