March 7, 2020 12:20 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/RR0J2FP0JB0/999-of-compromised-accounts-did-not-use-multi-factor-authentication-says-microsoft
99.9% of Compromised Accounts Did Not Use Multi-Factor Authentication, Says Microsoft
Speaking at the RSA security conference last week, Microsoft engineers said that 99.9% of the compromised accounts they track every month don't use multi-factor authentication, a solution that stops most automated account attacks. From a report: The cloud giant said it tracks more than 30 billion login events per day and more than one billion monthly active users. Microsoft said that, on average, around 0.5% of all accounts get compromised each month, a number that in January 2020 was about 1.2 million. While all account hacks are bad, they are worse when the account is for enterprise use. Of these highly-sensitive accounts, only 11% had a multi-factor authentication (MFA) solution enabled, as of January 2020, Microsoft said. In most cases, the account hacks happen after rather simplistic attacks. The primary sources of most hacks of Microsoft accounts was password spraying, a technique during which an attacker picks a common and easy-to-guess password, and goes through a long list of usernames until they get a hit and can access an account using said password.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/RR0J2FP0JB0/999-of-compromised-accounts-did-not-use-multi-factor-authentication-says-microsoft
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot