Billions of Passwords Have Been hacked, Microsoft Says
An alert from Microsoft’s Detection and Response Team (DART) is a warning to everyone about an increase in password spray attacks over the last 12 months.
Password spraying is a form of brute force attack. where an attacker will use one password, for example, “mypassword1234” against millions of accounts to avoid account lockouts that would normally occur when attacking a single account with many passwords.
In its blog post, Microsoft discusses the anatomy of a password spray attack.
The anatomy of a password spray attack
To understand how to protect against, and investigate a password spray attack, it is important to understand what it is. Password spray attacks are authentication attacks that employ a large list of usernames and pair them with common passwords in an attempt to “guess” the correct combination for as many users as possible. These are different from brute-force attacks, which involve attackers using a custom dictionary or wordlist and attempting to attack a small number of user accounts.
You’re extremely vulnerable to this type of attack especially if you use the same password on multiple accounts. It’s especially important that you use different complex passwords containing upper and lowercase letters, numbers, and symbols on all your important accounts. We have some suggestions to help you make easier-to-remember, complex passwords here.
And keeping informed is another key step you can take to stay safe online. Please take a few minutes to read this Microsoft Blog Post.
Wait! Before you go…
Every week we help dozens of people with their computers without charge or any expectation of payment. And we have helped many folks who have fallen for tech support scams or other scams designed to steal their money.
And we now depend more on readers like you to help keep us going. Your donation helps us to help more people with their computers and helps us keep everyone safer online.
Please help support our small business and help us to keep on helping you.