HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
Loredana BOTEZATU @lbotezatu
7 Comments
    Share This!
  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn
  • ReddIt
Industry News

Re-using Passwords Compromises Users’ Online Identity

July 17, 2012
2 Min Read

Login data found on lists of leaked credentials after hack attacks against service providers proved users continue to use the same id and password for more than one online account.

By choosing to reuse passwords for more than one account, people end up leaving all those accounts vulnerable to hacking. In case of a data leak, where logins get into the wrong hands, all other accounts with the same password can be compromised.

“This highlights the longstanding security advice to use unique passwords, as criminals have become increasingly sophisticated about taking a list of usernames and passwords from one service and then `replaying‘ that list against other major account systems,” Microsoft Account Group Program Manager Eric Doerr stressed in a blog post on July, 15. “When they find matching passwords they are able to spread their abuse beyond the original account system they attacked.”

In light of recent data leaks that hit LinkedIn, Last.fm and, more recently, Skype and Yahoo, people need to know the implications of using the same password for more than one account. The moment lists with credentials are made public, Microsoft is notified to protect customers with the same login data for their Microsoft accounts.

Some of these lists are incomplete and pose no immediate threat to users, but some are complete or contain data that can help wrong-doers put together comprehensive lists that match usernames to their passwords. From that point, people’s identity is at stake.

Microsoft automatically scans these lists to see which customers may have compromised accounts to be able to notify them. “You’d be surprised how often the lists – especially the publicly posted ones – are complete garbage with zero matches. But sometimes there are hits – on average, we see successful password matches of around 20% of matching usernames.” Eric Doerr adds.

To stay protected, users need to know that a company, a bank, a service provider of any kind would never send customers an e-mail asking for passwords, usernames, account information or telephone number. As tedious as it may seem, users need strong unique passwords for every account online. They then need to be very attentive with the data they publicly share. And of course, people ought to use at all times a security suite to take care of the aspects they can’t handle personally.

Tags20 percent data leak Microsoft account login password yahoo

You may also like

Industry News

Microsoft Issues Exchange Server Updates for Four 0-Day Vulnerabilities Used by Chinese Hafnium APT

15 hours ago
Industry News

Android Security Bulletin: Google Issues Fix for Critical Remote Code Execution Flaw in Android System

17 hours ago
Industry News

Update Your Chrome Browser Now! Zero-Day Actively Exploited in the Wild

20 hours ago

About the author

View All Posts

Loredana BOTEZATU

A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.

7 Comments

Click here to post a comment
  • Reverse.engineering says:
    July 17, 2012 at 5:46 pm

    “sometimes on average, we see successful password matches of around 20% of matching usernames.” from list already leaked, NOT 20% of Microsoft Log-in Data Compromised

    20% of Microsoft Log-in Data Compromised-mean 20% from all microsoft log-in was compromised

  • Report: 20% of Microsoft login data compromised? | News| Celebrity News | Philippine News | Tagalog Movies says:
    July 18, 2012 at 7:48 am

    […] “This highlights the longstanding security advice to use unique passwords, as criminals have become increasingly sophisticated about taking a list of usernames and passwords from one service and then `replaying‘ that list against other major account systems,” it quoted Microsoft Account Group Program Manager Eric Doerr as saying in a July 15 blog post. […]

  • Mark Sitkowski says:
    July 20, 2012 at 6:55 am

    Time we all got away from just using passwords, user ID’s and cards. The solution is detailed on www.designsim.com.au, and is currently being implemented by two U.S banks and one in Hong Kong, for their ATM’s. Maybe Microsoft should consider adding it to their login application.

  • How to Prevent and React to a WordPress Hack Attack | one cool site says:
    July 24, 2012 at 5:57 am

    […] 20 Percent of Microsoft Log-in Data Compromised (hotforsecurity.com) Share this:tweetMoreDiggEmailLike this:Like24 bloggers like this. This entry was posted in Better Blogging, Blogging Tips, Blogging Tools, Blogging Tutorials, WordPress.com Tips and tagged Hacker (computer security), security by timethief. Bookmark the permalink. […]

  • Farewell! - ZanterLand says:
    July 24, 2012 at 9:20 am

    […] 20 Percent of Microsoft Log-in Data Compromised(hotforsecurity.com) […]

  • “Jesus” and “Ninja”: Newcomers in Scariest 2012 Passwords | HOTforSecurity says:
    October 25, 2012 at 5:19 pm

    […] To make passwords harder to guess, SplashData suggests avoiding using the same username/password combination for multiple websites, and choosing passwords of eight characters or more with mixed types of characters. Microsoft also warned that re-using passwords compromises users’ online identity. […]

  • Report: 20% Of Microsoft Login Data Compromised? | Philippines Holiday Travel Guide says:
    April 28, 2013 at 6:15 pm

    […] “This highlights the longstanding security advice to use unique passwords, as criminals have become increasingly sophisticated about taking a list of usernames and passwords from one service and then `replaying‘ that list against other major account systems,” it quoted Microsoft Account Group Program Manager Eric Doerr as saying in a July 15 blog post. […]

Anon Launches Official IRC Channel in Bid for Support
Bug in Skype Lands Conversations in Wrong Windows
    Share This!
  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn
  • ReddIt

Promo

1.3m
Fans
Like
▲ 6
104.8k
Followers
Follow
2.7k
Subscribers
Subscribe
18
Subscribers
subscribe
1.4m
Fans Love us

Recent shouts

  • Meurig Parri on Microsoft Ends Support for Windows 7. What You Need to Know
  • Kevin on Cable Haunt vulnerability affects millions of Broadcom cable modems
  • Terry on Ransomware attack forces Arkansas CEO to fire 300 employees days before Christmas
  • Martin on 1&1 Telecom GmbH hit by almost €10 million GDPR fine over poor security at call centre
  • Xander on 1&1 Telecom GmbH hit by almost €10 million GDPR fine over poor security at call centre

Time Machine

March 2021
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
293031  
« Feb    

ANTIVIRUS SOFTWARE FOR HOME USERS

Bitdefender Cybersecurity for Smart Home
Bitdefender Complete Protection
Bitdefender PC Protection
Bitdefender Antivirus for Mac
Bitdefender Mobile Security for Android
Bitdefender Product Comparison

BUSINESS SOLUTIONS

Bitdefender GravityZone Business Security
Bitdefender GravityZone Advanced Business Security
Bitdefender GravityZone Enterprise Security
Bitdefender Hypervisor Introspection

TOOLS & RESOURCES

Renewal for Business Customers
Trial Downloads
Free Antivirus
Free Online Virus Scanner
Free Virus Removal Tools
Live Remote Assistance
Free Tools
Bug Bounty
Press Center

Powered by Bitdefender - a leading cyber security technology provider | Copyright © 2008 - 2016. All rights reserved.
  • Home
  • The Team
  • Terms and Conditions
  • Contact
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok