The 44 million jackpot
Microsoft is reporting that 44 million Microsoft accounts are using compromised passwords. Microsoft stated for consumer accounts they forced password resets and for enterprise accounts they alerted the administrator of the accounts so they can enforce a password reset.
Password reuse is common and is dangerous. Known passwords are consistently used by hackers trying to gain unauthorized access to business accounts. Small businesses should implement strong password policies that prohibit the reuse of passwords and similar passwords. They can also deploy the use of password manager tools to help organize and minimize the reuse of passwords while increasing the strengths of the passwords. Small business can also deploy the use of multi-factor authentication, which requires more than just the username and password by requiring additional forms of authentication, typically a onetime expiring passcode. Lastly, a small business should monitor their employees’ passwords against known password lists and require password changes when necessary.