44 Million Microsoft Users Reused Leaked Passwords - Binary Defense

Threat Watch

Share on facebook
Share on twitter
Share on linkedin

44 Million Microsoft Users Reused Leaked Passwords

The Microsoft threat research team scanned all Microsoft customer user accounts and found that 44 million users were using usernames and passwords that had previously been leaked in security breaches. Microsoft stated that it scanned over three billion leaked credentials that helped them identify users who reused the login credentials across different online accounts. When the leaked credentials were found, Microsoft forced a password reset, or contacted the correct Azure AD administrator to ensure a password reset was forced. Microsoft does warn about weak and easy-to-guess passwords and reused passwords but is unable to stop users from simply adding a single character at the end of an easily remembered password. A 2018 study found that 52% of users either reuse or perform simple modifications to their original password and 30% of those can be cracked within just 10 guesses.

ANALYST NOTES

The Microsoft threat research team scanned all Microsoft customer user accounts and found that 44 million users were using usernames and passwords that had previously been leaked in security breaches. Microsoft stated that it scanned over three billion leaked credentials that helped them identify users who reused the login credentials across different online accounts. When the leaked credentials were found, Microsoft forced a password reset, or contacted the correct Azure AD administrator to ensure a password reset was forced. Microsoft does warn about weak and easy-to-guess passwords and reused passwords but is unable to stop users from simply adding a single character at the end of an easily remembered password. A 2018 study found that 52% of users either reuse or perform simple modifications to their original password and 30% of those can be cracked within just 10 guesses.

Contact Support

Please complete the form below and a member of our support team will respond as quickly as possible.