Microsoft is looking to stop us using dumb passwords, the company has now decided that you will no longer be able to use these passwords.
The company is taking the steps after the recent leak of 117 million usernames and passwords from LinkedIn.
When it comes to big breach lists, cybercriminals and the Azure AD Identity Protection team have something in common – we both analyze the passwords that are being used most commonly. Bad guys use this data to inform their attacks – whether building a rainbow table or trying to brute force accounts by trying popular passwords against them. What *we* do with the data is prevent you from having a password anywhere near the current attack list, so those attacks won’t work.
As I mentioned in my last blog and the latest Microsoft Security Incident Report, we see more than 10M accounts attacked daily, so we have a lot of data about which passwords are in play in those attacks. We use this data to maintain a dynamically updated banned password list.
Microsoft are compiling a list of these passwords and will continue to update, them you can find out more details at the link below.