Weak Passwords, Lousy Authentication Make for O365 Easy Pickings


Multi-Factor Authentication (MFA) is Critical for Office 365 Security

Think your complex passwords, with all those numbers, special symbols, caps and lower case, make you bulletproof? You are forgetting one thing. As Microsoft security exec Alex Weinert recently blogged, with multi-factor authentication (MFA) “your account is more than 99.9% less likely to be compromised.”

Meanwhile, the US government strongly argues that MFA is “the best mitigation technique to protect against credential theft for Office 365 administrators and users.” Turns out all those pesky security codes are well worth the trouble.

Let’s face it. Hackers have raised password cracking to an art form. With so many weak passwords, it doesn’t take a rocket scientist to break them. The answer is multi-factor authentication. That is why US government Office 365 security guidelines strongly advise MFA, especially for admins.

“Multi-factor authentication for administrator accounts not enabled by default: Azure Active Directory (AD) Global Administrators in an O365 environment have the highest level of administrator privileges at the tenant level. Multi-factor authentication (MFA) is not enabled by default for these accounts,” the advisory stated.

Locking down end-user accounts through secure passwords and rigorous authentication is also essential. MFA requires at least two forms of personal user identification and is recognized by the National Institute of Standards and Technology (NIST) guidelines for password security. The United States Department of Homeland Security now recommends that all Office 365 users implement MFA. This is precisely why Microsoft provides tools such as Microsoft Authenticator for users to install on their smartphones, as well as smart cards, to work in combination with password logins.

Multi-factor authentication is a surefire way to prevent unauthorized logins, and there is little excuse not to use it.

