Microsoft to put an end to Password change

As the change of passwords on a regular note could actually put online users into risk, tech giants like Microsoft are thinking to put an end to such usage. The American software giant has, in fact, started the initiative by secretly removing ‘password expiration’ theory where old passwords are no longer eligible for reuse after a specific period of time from the baseline of settings.

Traditionally speaking, security experts urge online users to change their passwords on a regular note as hackers can access sensitive info when the password info falls into wrong hands.

But now the security experts from the Windows OS developer say that periodic change of passwords does more harm than good.
Instead, they are insisting on building passwords which are of a minimum of 11 characters and are a combination of numbers, alphabets, and special characters.

A research carried out by the Redmond giant says that hackers have become sophisticated these days as they are able to crack encrypted passwords by using over 8 billion passwords junk over regular graphics cards.

Aaron Margosis, the Security Consultant from Microsoft said that users should only change their passwords only if they learn that their account has been compromised by various means. Unless and until this incident, they may go for strong passwords for longer periods of time.

Opting for a 2-factor authentication where unrecognized devices are required to sign-in additional passwords sent to a mobile phone or email; might also work.

But despite these comprehensive concerns, many choose not to opt-in, either because they aren’t aware of the current situation in the cyber landscape or believe that they will never ever fall into the books of hackers.

Note- ‘Password Expiration’ policy in Windows 10 which is found in the Settings-> security & privacy page allows system admins to change their passwords after a specific period of time. Also, they can set the settings to never change their passwords.

Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group "Information Security Community"!
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display