About 20 percent of Microsoft
Account logins are found on lists of compromised credentials in the wake of
hack attacks on other service providers, Eric Doerr, Group Program Manager for
Microsoft's Account system said.
A significant proportion of
compromised credentials Microsoft sees from other services have the same username
and password on the Microsoft account system (formerly Windows Live ID) logins,
which cover services such as Hotmail, Messenger and SkyDrive. These logins
have not been compromised from the Microsoft server, but are instead based on
login information leaked from other sites.
These attacks shine a
spotlight on the core issue people reuse passwords between different websites,"
he said. Microsoft regularly gets lists of compromised third-party login
details from ISPs, law enforcement and vendors, as well as from lists published
on the internet by hackers, according to Doerr. This information is checked
against Microsoft login details using an automated process to check for any
overlap. While 20 percent is the average, in one recent breach it was only 4.5
percent, said Doerr.
Like Just last week, both Yahoo! Voices and the Android forums
at website Phandroid were hacked, resulting in the leakage of almost
1.5 million usernames and passwords. When a list of usernames and
passwords are leaked, it seems that Microsoft have been running these
against its database looking for matches. The results are quite
shocking.
Company also revealed that it is
working to tighten its security and one of such measures is going to be
increase in the character limit in passwords to make Brute Force attack
more difficult.
We Request to Readers, DON’T REUSE YOUR PASSWORDS!
Source:THN
No comments:
Post a Comment