Weak Passwords, Lousy Authentication Make for O365 Easy Pickings



Multi-Factor Authentication (MFA) is Critical for Office 365 Security

office 365 two factor authentication

Think your complex passwords with all those numbers, special symbols, caps and lower case makes you bulletproof? You are forgetting one thing. As Microsoft security exec Alex Weiner recently blogged, with multi-factor authentication (MFA) “your account is more than 99.9% less likely to be compromised.”

Meanwhile, the US government strongly argues that MFA is “the best mitigation technique to protect against credential theft for Office 365 administrators and users.” Turns out all those pesky security codes are well worth the trouble.

Let’s face it. Hackers have raised password cracking to an art form. With so many weak passwords, it doesn’t take a rocket scientist to break them. The answer is multi-factor authentication. That is why US government Office 365 security guidelines strongly advise MFA, especially for admins.

“Multi-factor authentication for administrator accounts not enabled by default: Azure Active Directory (AD) Global Administrators in an O365 environment have the highest level of administrator privileges at the tenant level. Multi-factor authentication (MFA) is not enabled by default for these accounts,” the advisory stated.

Locking down end-user accounts through secure passwords and rigorous authentication is also essential. MFA requires at least two forms of personal user identification and is recognized by the National Institute of Standards and Technology (NIST) guidelines for password security. The United States Department of Homeland Security now recommends that all Office 365 users implement MFA. This is precisely why Microsoft provides tools such as Microsoft Authenticator for users to install on their smartphones, as well as Smartcards, to work in combination with passworded logins.

Multi-factor authentication is a surefire way to prevent unauthorized logins, and there is little excuse not to use it.

Protect Your O365 Tenant With CoreView

Get your O365 security profile FREE with our new CoreDiscovery solution. You can get your free software now at the CoreDiscovery sign up page: https://www.coreview.com/core-discovery-sign-up/.

Or sign up for a personalized CoreView demo.


Doug Barney

Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.



2020 Guide to Managing Your Remote Workforce

Data from Harvard Business Review and Gartner show how to keep your remote workers secure and happy, without sacrificing productivity.

Read now