We discover stolen credentials in a bunch of different ways.
#HACKERS LIST OF USERNAMES AND PASSWORDS PASSWORD#
Taken together, this means that when someone else's services are hacked, it can put accounts with the same username and password in our system at risk.īecause these kinds of breaches and attacks happen quite frequently, we've built a standard set of processes and automated services to make sure our users are always protected. (Stolen usernames and passwords are also commonly acquired in phishing attacks or malware.) The second thing to understand is that many people use the same username and password with multiple sites. The first thing to understand is that the vast majority of stolen credentials are acquired when a hacker breaches a vulnerable website that stores passwords in plaintext or uses weak encryption or hashing practices.
This has received a lot of press coverage so we thought you might be interested to learn how we handle these lists when we discover them. Last week about a Russian hacker offering 272.3 million stolen usernames and passwords. We safeguard hundreds of millions of unique users across more than 13 billion logins every day. The Identity Protection team is responsible for preventing hackers and cyber criminals from getting access to user accounts in the Microsoft account (MSA) and Azure Active Directory (Azure AD) services. I'm Alex Weinert, the Group Program Manager for the Identity Protection team in Microsoft's Identity Division. I hope you'll find this information useful and interesting! To share the details on how this works and what we learned from this specific list, I've asked Alex Weinert, the Group Program Manager who leads our Identity Protection team to do a guest blog. This kind of thing happens with alarming frequency, so we've developed a standard set of processes and an automated system to protect user accounts from this kind of threat. Given all the attention this list received, I thought you might be interested in how we protect user accounts from being hacked when something like this happens. Last week there was a lot of news coverage about a list of 272 million stolen username and passwords that were available from a Russian hacker named "The Collector". First published on CloudBlogs on May, 10 2016
0 kommentar(er)
