- Microsoft is moving to ban common passwords, such as "123456" or "password," from its Microsoft Account and Azure AD system, according to a report from Security Week.
- Analyzing password data from breaches, Microsoft looks for the most frequently used passwords and adds them to a banned list, which stops users from employing them and works to improve account safety.
- The company also has a feature called "smart password lockout," which works to lock out users attempting to guess a password even if they are on the account user's computer or appear to be on the same network.
Alex Weinert, group program manager for Azure AD Identity Protection team, said that Microsoft sees more than 10 million accounts attacked every day. From those attacks, the company aggregates the common and vulnerable passwords to add to the banned list.
The feature is currently available on Microsoft Account Service, but will soon be available to Azure AD customers.
In an effort to boost security, Microsoft recommends establishing password length and "complexity" requirements, along with regular password expirations.
Many customers prefer biometrics and alternative authentication methods beyond traditional usernames and passwords, but many systems do not employ advanced methods. In an effort to simplify the login process, many users still have insecure passwords that are both easy to remember and easy for malicious actors to guess.
As a result, some companies are moving to change how passwords are used. For Microsoft, its establishing best practices and preventing users from having simple passwords. Google, for example, is working to replace Android passwords entirely in favor of biometrics.