44 million Microsoft user accounts were employing login credentials that had been breached previously at other online services, according to the Microsoft threat research team. The computing giant has forced a password reset for all affected users and no additional action is required on the consumer side, although on the enterprise side, “Microsoft will elevate the user risk and alert the administrator so that a credential reset can be enforced.
”This summer, Microsoft claimed that enabling a multi-factor authentication security measure would block 99.9% of all attacks. Password managers are also an inexpensive, yet effective, way to manage secure, complex passwords for all your accounts. Additionally, investing in a credible identity intelligence monitoring service takes an even more active approach to protecting personal information.
Microsoft typically warns against using weak or easy-to-guess passwords when setting up an account, but these warnings don't cover password reuse scenarios. This is because users might be using a complex password that would pass Microsoft's checks, but Microsoft has no way of knowing if the user has reused that password in other places.