Connect with us

Cornnation News

Frosted Flakes: Buried By Hackers

Get more secure or get hacked.

This week has sucked so far.

I’m not going into too much detail, but I have a site whose Office 365 accounts have been hacked through web access. This occurred because those user passwords were generated with an algorithm that uses a standard format of four characters and four numbers. The key is, apparently, that the four characters are always “pronounceable”, which means hackers just generate a list of, say, 250k possibilities, and then they slow attempt to log into your Office 365 account using known email addresses.

It’s been a mess of changing user passwords and making sure everything is working properly. We could enable multi-factor authentication which requires our users have a phone to which we could send a text message (as an example). Is that fair to our users who are not carrying company phones? Can we do that to them? Not at this point, anyway.

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Advertisement

Must See

Advertisement Enter ad code here
Advertisement

Facebook

Advertisement

More in Cornnation News