Skip to main content

Say goodbye to ‘12345’: Microsoft is banning your lame passwords

A user entering a password.
Some of us are very dumb when it comes to creating strong passwords, and Microsoft is sick of it. So much so that it’s banning certain passwords that it deems as too weak or easy to crack from being used at all.

Microsoft explained in a blog post that it was putting the data it had collected from millions of password leaks to good use in an attempt to help people come up with better passwords. Currently, it has rules about password length and the characters that have to be used, but it seems like it wants to take things a step further — creating a list of often-used passwords that you won’t be able to use anymore.

Related Videos

“When it comes to big breach lists, cybercriminals and the Azure AD Identity Protection team have something in common — we both analyze the passwords that are being used most commonly,” said Alex Weinert, group manager of the Azure AD Identity Protection team, in the blog post. “Bad guys use this data to inform their attacks — whether building a rainbow table or trying to brute force accounts by trying popular passwords against them. What we do with the data is prevent you from having a password anywhere near the current attack list, so those attacks won’t work.”

The list will be updated as time goes on and new password leaks occur, so as people start using different passwords that are still too easy to guess, those passwords will also be banned from use.

According to Microsoft, the feature has already been rolled out to Account Service — including Outlook, Xbox, OneDrive, and so on — and the feature will be expanded to Microsoft’s Azure AD login system in the near future. Of course, if you tend to already use strong passwords, you probably won’t notice any changes — but if you’re a user of weak passwords, you might finally have to start choosing stronger passwords. No more ‘password,’ or ‘12345.’

Editors' Recommendations

Microsoft Teams Premium uses AI to automatically recap your meetings
Three women in a Microsoft Teams meeting.

Microsoft has just made Teams Premium available for a short time. The preview will allow Microsoft's customers to test out some of the new features that won't be widely available for a while yet.

A few interesting features are making an appearance during this short trial run, including the ability to add custom branding to meetings, live translated captions, and meeting recaps prepared by artificial intelligence (AI).

Read more
Hackers just stole LastPass data, but your passwords are safe
A physical lock placed on a keyboard to represent a locked keyboard.

The developers behind password management software LastPass have just shared some concerning news: Bad actors were recently able to access “elements of our customers’ information” in a recent security breach.

It’s the second time in just a couple of months that LastPass has suffered a security incident, and it appears the two events are directly linked. That’s because LastPass’s developers say that the unauthorized party was able to access customer data “using information obtained in the August 2022 incident.”

Read more
Microsoft’s DirectStorage can now boost your game loading times by 200%
Person using a gaming monitor.

Microsoft's DirectStorage 1.1 update is here, and it's definitely one that gamers won't want to miss.

With the new version of the API, Microsoft promises up to 200% faster game load times -- all thanks to GPU decompression. Here's how you can try it out for yourself.

Read more