Download the new On-Premise MFA E-Guide >

20% of Microsoft logins are in the hands of hackers !!

News today of more password hacks seems to be the regular occurence – today three more in the news – that have been reported!

Many articles have been written recently suggesting better construction of passwords and management of them. However the greater the complexity and the more frequently the user changes the password; so the more difficult it is to remember them!

The answer is of course a combination of something that changes regularly and a strong password – we call it tokenless authentication – a combination of a static password thats 6-8 characters long combined with a passcode of 6 or more characters sent out of bound to the mobile (or generated on an app on the phone or tablet devices) which together creates an ‘otp’ (one time password). This process was invented over ten years ago by SecurEnvoy and has progressed and enhanced so anyone can access from anywhere from any device.

The leaks we have seen today:

1. One in five Microsoft logins are in hands of hackers

http://www.zdnet.com/one-in-five-microsoft-logins-are-in-hands-of-hackers-7000000969/

Checks on Microsoft Account logins have found that about 20 percent are on industry lists of compromised credentials, exposed via hacks on other service providers where passwords have been reused

2. Formspring springs a leak: 28 MILLION passwords reset after raid

http://www.theregister.co.uk/2012/07/11/formspring_security_breach/

Social networking service Formspring has told its 28 million users to change their passwords following the discovery of a security breach. A sample of 420,000 password hashes for the question-and-answer website have been posted online, sparking concerns that the entire user base might have been exposed. In response, Formspring disabled users’ passwords and applied a reset as a precaution.

3. Will Tech Industry Ever Fix Passwords?

http://www.cio.com/article/711066/Will_Tech_Industry_Ever_Fix_Passwords_?source=rss_security&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+cio%2Ffeed%2Fdrilldowntopic%2F3089+%28CIO.com+-+Security%29

What LinkedIn and other recent breaches tell us about widespread security risks as we embrace social media and cloud applications in the enterprise.

Category: Industry News

Multi-Factor
Authentication
(MFA)

Any user. Any device.
Anywhere.

For companies that take authentication seriously.

Learn more about SecurEnvoy MFA

Hear more from
our security
experts

Sign-up today

What to read next...

How understanding your data will reduce your time to compliance (and avoid costly fines)

The Information Commissioner’s Office (ICO) handles more than 300,000 calls and receives more than 30,000 complaints each year from the general publ...

Adam Bruce

Compliance / Data Discovery / Data Security Awareness

Overcoming key financial services compliance challenges with data governance and data discovery tools

Financial services organisations need to comply with a whole raft of regulations ranging from the Financial Conduct Authority (FCA) and the Prudential...

Liam Hinchliffe

Compliance / Data Discovery

How to make NHS MFA policy implementation easier

Multi-factor authentication (MFA) has become the gold standard in access control for organisations that are serious about data security. It’s not ha...

Darren Leach

2FA / Compliance / Healthcare