Everybody remember that scene from GoldenEye when Boris (the insufferable pen-clicker) tries to hack Natalya’s passwords — her “codes!” — but can’t because she made them too hard to crack? Well, it turns out that the problem with most normal people, who don’t have the cybersecurity savvy of a brilliant Russian Bond girl, is that they make their passwords way too weak. As in, “12345” or just “password.”
In an attempt to stifle all of the Borises (Bori?) of the world who want to steal our personal information, Microsoft is stepping in to protect people against their own worst enemy — their astonishingly stupid passwords.
In a recent blog post, Microsoft Identity Protection team employees outlined two steps the tech giant is taking in order to halt Fry-with-a-brain-slug-level passwords on Microsoft AD and various other Microsoft platforms that include account services (like Outlook, Xbox, OneDrive, etc.): banning passwords that are used too much, and denying people access to accounts by utilizing “smart password lockouts.”
By “dynamically banning commonly used passwords” (i.e. studying “big breach lists” to see what passwords were most commonly hacked), Microsoft has developed an ongoing list of now-defunct passwords; anyone who attempts to create one of them will instead see a message rejecting it. As for the smart lockouts, they will hopefully help in “determining the risk associated with a specific login session,” so that if somebody does get locked out from your account for trying multiple passwords, it’s not you.
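To make those two ideas concrete, here is a small sketch added for illustration; it is not Microsoft's code. It assumes the banned list is simply "anything seen at least twice in a breach sample" and that login "risk" can be approximated by counting failures per source address, and every name and value in it is constructed.

```python
import re
from collections import Counter

# Constructed sample standing in for passwords seen in breach dumps.
BREACH_SAMPLE = ["123456", "password", "123456", "qwerty", "password",
                 "123456", "Tr0ub4dor&3", "letmein", "qwerty", "password"]

def build_banned(breach_passwords, min_count=2):
    """Ban every password that appears at least min_count times (assumed rule)."""
    counts = Counter(p.strip().lower() for p in breach_passwords)
    return {p for p, n in counts.items() if n >= min_count}

def variants(candidate):
    """The candidate itself plus its stem with trailing digits/symbols removed."""
    low = candidate.strip().lower()
    stem = re.sub(r"[\d\W_]+$", "", low)   # "password1!" -> "password"
    return {low, stem} - {""}

def is_banned(candidate, banned):
    return bool(variants(candidate) & banned)

class SmartLockout:
    """Counts failures per (account, source) so a guesser locks out only
    their own source, not the account owner signing in from elsewhere."""

    def __init__(self, threshold=3, lock_seconds=60):
        self.threshold, self.lock_seconds = threshold, lock_seconds
        self.failures = Counter()   # (account, source) -> consecutive failures
        self.locked_until = {}      # (account, source) -> unlock time

    def attempt(self, account, source, password_ok, now):
        key = (account, source)
        if self.locked_until.get(key, 0) > now:
            return "locked"         # refused even if the password is right
        if password_ok:
            self.failures.pop(key, None)
            return "ok"
        self.failures[key] += 1
        if self.failures[key] >= self.threshold:
            self.locked_until[key] = now + self.lock_seconds
            self.failures.pop(key, None)
        return "denied"

if __name__ == "__main__":
    banned = build_banned(BREACH_SAMPLE)
    print(sorted(banned), is_banned("Password1!", banned))
```

Counting per source alone does nothing against guesses spread across many sources, so a real deployment would still need an account-wide ceiling or a richer risk signal.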
These layers of protection have been added in the face of growing large-scale cybersecurity breaches — including the recently reported leak that compromised 117 million LinkedIn accounts in 2012 — which Microsoft says have “been happening almost weekly now.”
So if you don’t want one of your accounts to end up as a digit on the “have i been pwned” list, Natalya your codes immediately. It’s good that Microsoft’s helping, but we all know it makes errors too.
What do you think about Microsoft’s next-level password protections? Decrypt your thoughts in the comments below!
Images: www.elbpresse.de, Microsoft