Microsoft Confirms Password Deletion For 1 Billion Users—Attacks Up 200%

Microsoft has confirmed plans to delete 1 billion user passwords. “The age of passwords is ending,” it warned those users, “and the bad guys know it, which is why they’re desperately accelerating password-related attacks while they still can.”

The company now “blocks 7,000 password attacks per second…almost double the number a year ago.” It also sees intermediary adversaries Phishing Attacks increased by 146% year-on-year. All of this is bad news. But good news is coming, it says, “We’ve never had a better solution to these pervasive attacks: Master Keys.”

ForbesTikTok ban – change your account before it’s too latego through Zach Duffman

in a Blog article In a report released Thursday, Microsoft laid out how it plans to “convince a billion users to like Skeleton Key” through insightful design. “Not only do keys provide a better user experience by allowing you to log in faster using your face, fingerprint, or PIN, but they are also less susceptible to the same types of attacks as passwords. Additionally, master keys eliminate forgotten passwords and one-time The case of sex codes.

This year, master key adoption has accelerated. “In the two years since the key was released and made available for consumers, FIDO Alliance It was reported a few weeks ago that “key awareness is up 50%, from 39% in 2022 to 57% in 2024.”

Like Microsoft, it says ease of use is just as important as improving security. “The majority of people familiar with passwords support the technology for logging in…At the same time, while passwords remain the most common way to log in to accounts, overall usage has declined as alternatives have increased in availability.”

Microsoft’s blog post is primarily about pushing the adoption curve further because, as always, the last 30-40% of users will be the hardest to convince. “Somehow, we have to convince a staggeringly large and diverse group of people to permanently change familiar behaviors and get excited about it. We asked ourselves: How do we convince over a billion people to love Skeleton Key as much as we do?

Once completed, there is no turning back for data display:

• “Logging in with a key is three times faster than logging in with a traditional password, and eight times faster than logging in with a password and traditional MFA.
• The success rate of users logging in using a gold key is three times higher than logging in using a password (98% vs. 32%).
• 99% of users who initiate the key registration process complete it.

I like the three-step approach Microsoft proposes – start small, take a simple first step, try different approaches, and finally scale.

ForbesiOS 18.2 – iPhone update is bad news for millions of Google usersgo through Zach Duffman

Microsoft said: “Even if we have more than 1 billion users register and use keys, if a user has both a key and a password, and both grant access to the account, the account is still at risk for phishing. Our ultimate The goal is to completely remove passwords and have accounts that only support phishing-proof credentials. The company offered password removal capabilities back in 2022, and now reports that “millions of users have deleted their passwords.”

It’s really that simple. You should use keys wherever available. Connect secure access to accounts, apps or services to the physical hardware you are using, which is protected by biometric access and PINs and is never shared or retained outside the device. It’s even more secure than 2FA, since most 2FA is based on SMS messages and can be intercepted by malicious applications on the device.