Microsoft: 99.9% of compromised accounts did not use multi-factor

Page 5 of 5 FirstFirst ... 345
  1. z3r010's Avatar
    Posts : 9,918
    Windows 10 Workstation x64
       #40

    My favourite method for 2FA is my Yubikey I just wish more places would offer it as an option.
      My Computers

  2. Andrew129260's Avatar
    Posts : 191
    Windows 10 Pro x64 latest version
       #41

    TairikuOkami said:
    I do not, I only use it, when it is forced, like on steam. I use Password123 on 95% of my accounts, just for fun. 3 times it has been stolen according to haveibeenpwned and not a single account was ever hacked. One of the reason I do not like Microsoft is, that it keeps record of previous passwords. I had to change it once and it did not allow me to reuse Password123 afterwards, not even Password321, it was against password policy.
    Well......that is certainly interesting....definitely no harm in posting that whatsoever. /s

    I can't even begin with how messed up this statement is.

    z3r010 said:
    My favourite method for 2FA is my Yubikey I just wish more places would offer it as an option.


    Just checked them out, looks like they do work already with a lot of things I use. Will probably look into this, thanks
    Last edited by Andrew129260; 10 Mar 2020 at 06:45.
      My Computers

  3. Golden's Avatar
    Posts : 1,635
    Windows 10 Pro x64
    Thread Starter
       #42

    Yubikey and the Google Titan key are probably the best 2FA you could use
      My Computers

  4. Andrew129260's Avatar
    Posts : 191
    Windows 10 Pro x64 latest version
       #43

    Golden said:
    Yubikey and the Google Titan key are probably the best 2FA you could use
    yes, I use my phone as the hardware token. That works well. But I have been thinking about getting an actual security key.
      My Computers


  5. Posts : 61
    Windows 10 Pro x64 w/ Start 10
       #44

    Golden said:
    Yubikey and the Google Titan key are probably the best 2FA you could use
    They are the ultimate, but for now they have limited usefulness for most accounts. I say that because for many accounts, you cannot explicitly require a security key as the only 2nd factor or you can do an account recovery that essentially bypasses it. Many accounts that will let you use them will fall back to another option if the key is not available, and there is no opting out of that.

    Microsoft is this way, for example. If I enable a security key on an MS account and I lose my key, I can still get in another way. It's this 'account recovery' that is the weak link for pretty much everyone.

    Google's Advanced Threat Protection is the only email offhand I can think of where they require the key, no exceptions. It's pretty easy to use -- I tried it once. It doesn't really noticeably change the end-user experience.
      My Computer

  6. Golden's Avatar
    Posts : 1,635
    Windows 10 Pro x64
    Thread Starter
       #45

    kjlkjadfasdfasd said:
    Microsoft is this way, for example. If I enable a security key on an MS account and I lose my key, I can still get in another way. It's this 'account recovery' that is the weak link for pretty much everyone.
    Yes, that is a valid concern. My understanding is that some services (I believe Bitwarden might be one) allow you to forgo a second authentification option, but that option is generally far and few between on many services unfortunately.
      My Computers


 
Page 5 of 5 FirstFirst ... 345

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 22:53.
Find Us




Windows 10 Forums