Microsoft is banning easy-to-guess passwords, to protect users from themselves

In response to a hacker releasing 117 million usernames and passwords, Microsoft is putting an end to insecure passwords.
Image: REUTERS/Pawel Kopczynski
Stay up to date:
Cybersecurity
In response to a hacker releasing 117 million usernames and passwords reportedly leaked from LinkedIn in 2012, Microsoft is changing the way it thinks about passwords. Or, rather, how they let us think about passwords.
Most digital accounts set password requirements, demanding certain length, special characters or capitalization for validity. But, according to research done by one of Microsoft’s program managers, humans tend to respond to these requirements in predictable ways, actually making them more easy to crack.
To counter this, Microsoft is taking advantage of the millions of leaked passwords to identify the most common ones and ban their use for future users.
Announced in a blog post, this dynamically updating list of bad passwords is Microsoft’s attempt to increase security, and protect users from their tendency to choose passwords like “123456.”
With every new password leak, the list will update to ban other terrible passwords that emerge.
The feature is already integrated into Microsoft Account Service, including Outlook, Xbox and OneDrive.
Unless an individual selects a terrible password, setting up a new account will remain the same. But if they do, the individual will then be asked to “choose a password that’s harder for people to guess.”
More from Business Insider:
Don't miss any update on this topic
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.
Forum Stories newsletter
Bringing you weekly curated insights and analysis on the global issues that matter.
More on CybersecuritySee all
William Dixon
June 30, 2025
Spencer Feingold
June 18, 2025
Leo Simonovich and Filipe Beato
June 18, 2025
Marco Túlio Moraes
June 18, 2025
Kaushal Rathi and Mandanna Appanderanda Nanaiah
June 16, 2025
Akshay Joshi
June 12, 2025