Automated attacks are a threat in the modern world of cybersecurity. To stay safe, Microsoft advises that cloud users should turn on two-factor authentication, as it is successful at preventing 99.99% of account breaches.
It’s a good cybersecurity practice to follow when logging in to other websites and services as well. Whether it’s advanced-level biometrics or a simple SMS confirmation, Microsoft recommends it so the users can stay safe.
In addition, when choosing your password, make sure to avoid using one that has been exposed in a breach before. Don’t make the mistake of counting on password complexity alone to keep you safe. In the past, this may have been enough, but industry experts have long been warning this is not the case in the world of today.
This is because hackers rely on various methods to get their hands on it:
- Credential stuffing. Your device can become infected when browsing compromised websites with bad data protection policies.
- Phishing. The perpetrators send an email that either threatens the user or promises entertainment. The credentials are extracted through a fake login form.
- Keystroke logging. When your device is infected with malware that records every keystroke, the hacker can extract passwords from the logs.
- Local discovery. Upon obtaining access to your private notes, the perpetrator can scan them for passwords.
- Extortion. The perpetrator threatens the victim with harm unless credentials are provided.
- Password spray. The hackers tries entering multiple passwords obtained from a list until one works.
- Brute force. A computer-based entry attempt.