Stock Photo.
Following a recent string of high-profile security breaches, tech giant Microsoft is tightening its security protocol by prohibiting the use of easy passwords.
According to a report from The Telegraph, a LinkedIn data hack revealed that the most comically oblivious passwords people used were “123456” and “linkedin,” with “qwerty,” “password” and “football” rounding up the list.
READ: The worst passwords of 2015 – is yours on the list?
The move was made to further strengthenthe company’s stand against the dangers of lazily picked out passwords, which could be exploited by potential hackers.
“We analyse the passwords that are being used most commonly. Bad guys use this data to inform their attacks,” Alex Weinert of Microsoft’s Identity Protection Team was quoted as saying in the report. “What we do with the data is prevent you from having a password anywhere near the current attack list, so those attacks won’t work.”
The new security measure will reportedly cover all Microsoft accounts, including Outlook emails and cloud directory Azure AD, and prevent users from using the disabled passwords.
The company will also implement a “smart password lockout”, which would lock out hackers, rather than the entire user’s account.
Passwords are widely considered as a broken form of security for a person’s online life, and according to Winert, its length requirements and regular expiration dates could actually make them easier to crack.
Meanwhile, Microsoft released five pointers on how to pick a strong password:
- Don’t re-use passwords. One ultra-secure one won’t be any good if someone finds it
- While combining upper and lower case passwords with numbers to alter a memorable word–M4raD0na–is often advised, these are more easily cracked than you might think
- Good advice is to make a memorable, unusual sentence: “I am a 7-foot tall metal giant” is better than “My name is John”, and use the first letter of each word with punctuation: “Iaa7-ftmg”
- Alternatively, you can use a password manager such as 1Password, which can generate secure passwords and store them online
- The best way to protect yourself is to use two-factor authentication, which will send a text with a code or use an app to verify your log-in. Khristian Ibarrola