Millions of Microsoft users are reusing passwords

News
By
last updated

44 million Microsoft users are guilty of credential reuse

(Image credit: Shutterstock)

After a scan of all of the company's user accounts conducted between January and March of this year, the Microsoft threat research team discovered that 44m users are reusing usernames and passwords that were leaked online following security breaches at other online services, despite the widespread availability of password managers.

The software giant explained that it scanned user accounts by using a database of more than three billion leaked credentials that it obtained from multiple sources including law enforcement and public databases.

By conducting the scan, Microsoft was able to identify users who had reused the same usernames and passwords across multiple online services. The company explained what it did after it discovered that users had reused usernames and passwords, saying:

"For the leaked credentials for which we found a match, we force a password reset. No additional action is required on the consumer side. On the enterprise side, Microsoft will elevate the user risk and alert the administrator so that a credential reset can be enforced."

Credential reuse

Microsoft and other tech giants typically warn users against using weak or simple passwords when creating an account but unfortunately these warnings do not apply when a someone reuses credentials from another service.

While Microsoft checks to make sure that its users are utilizing complex passwords, there is no way for the company to know if a user has reused that password for other services.

After a third-party service suffers a security breach that results in user credentials being leaked online, this also puts a user's Microsoft account at risk even if they have employed a strong password.

To prevent hackers and other malicious actors from taking over your accounts after a data breach, it is highly recommended that you use a unique password for each online service you use.

Via ZDNet

TOPICS
Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
Woman shocked by online scam, holding her credit card outside
Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Woman using iMessage on iPhone
UK government guidelines remove encryption advice following Apple backdoor spat
Cryptocurrencies
Ransomware’s favorite Russian crypto exchange seized by law enforcement
Wordpress brand logo on computer screen. Man typing on the keyboard.
Thousands of WordPress sites targeted with malicious plugin backdoor attacks
HTTPS in a browser address bar
Malicious "polymorphic" Chrome extensions can mimic other tools to trick victims
ransomware avast
Hackers spotted using unsecured webcam to launch cyberattack
Latest in News
Apple iPhone 16 Review
Three iPhone 17 model dummy units appear in a hands-on video leak
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
New Samsung Galaxy S25 Edge may have revealed some key details – including its price
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 9 (game #1140)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 9 (game #371)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 9 (game #637)
WhatsApp
WhatsApp just made its AI impossible to avoid – but at least you can turn it off
More about security
Woman shocked by online scam, holding her credit card outside

Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Cryptocurrencies

Ransomware’s favorite Russian crypto exchange seized by law enforcement
Workplace AI Adoption

ChatGPT remains the most popular AI tool in offices worldwide, survey finds, with India leading the way
See more latest
Most Popular
Workplace AI Adoption
ChatGPT remains the most popular AI tool in offices worldwide, survey finds, with India leading the way
Lexar ARMOR GOLD and SILVER PRO
Almost indestructible memory card launched; Lexar's Armor SD steel cards are water resistant and can survive a 16-feet drop
IBM FlashSystem C200
'Writing is on the wall for spinning rust': IBM joins Pure Storage in claiming disk drives will go the way of the dodo in enterprises
Disney Imagineering BDX Droids at Disneyland Galaxy's Edge
The adorable BDX Droids are coming to more Disney Parks around the world, including Disney World
Orange servers and networks
Alibaba doubles down on RISC-V architecture with a new secretive 'server-grade' chip that will put AMD and Intel on alert
Apple iPhone 16 Review
Three iPhone 17 model dummy units appear in a hands-on video leak
Samsung Galaxy S25 Ultra HANDS ON
‘I don't see a space where the S Pen is not a key part of our portfolio’: Samsung executive defends the S Pen amid cancellation rumors
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 9 (game #371)
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 9 (game #1140)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 9 (game #637)