Windows 10 and Windows 11 users would be wise to follow the latest guidance from Microsoft, as the Redmond firm has issued some vital tips to keep PCs safe from cyber attacks. The advice has been released to coincide with today’s World Password Day event, which aims to highlight the dangers of having poor online security.
“In today’s world of online work, school, shopping, healthcare, and almost everything else, consumers are struggling to keep their accounts secure and passwords are not only hard to remember, but also the most common entry points for attackers,” said Microsoft in an email sent to Express.co.uk.
The company is now urging its billions of users to make some simple changes to their accounts, including going completely password free.
Microsoft offers a number of ways to access things online without needing to remember a code, all aimed at reducing the stress of having multiple passwords for all those online accounts.
By using software such as the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email, you can go passwordless with any of your Microsoft apps and services.
If that sounds less of a headache than having endless codes to remember, just follow the steps below:
• Download and install Microsoft Authenticator (linked to your personal Microsoft account).
• Sign in to your Microsoft account.
• Choose Security. Under Advanced security options, you’ll see Passwordless account in the section titled Additional security.
• Select Turn on.
Microsoft says another simple step users can take to protect their accounts is adding multifactor authentication. This blocks 99.9 percent of account compromise attacks by making sure you can only sign in to an account once your identity has been confirmed. This is usually performed via a text sent to your phone or a one-time passcode pushed to an email address you own.
The Microsoft Authenticator app is free and provides multiple options for authentication, including time-based one-time passcodes (TOTP), push notifications, and passwordless sign in—all of which work for any site that supports multifactor authentication.
If that all sounds a bit complicated and you simply want to keep logging in via a password then there’s also some useful advice to stop online crooks from cracking the codes.
It’s thought millions of us are still making simple errors, including using guessable phrases such as “123456”, “qwerty” and “password”. Then there’s also the danger of using the same password for multiple accounts or writing things down on paper, which could all put accounts at risk.
Along with its advice on going passwordless, Microsoft has also released a list of recommendations to keep users safe which includes:
• Maintain a length of 12 characters for your passwords (14 or more is better)
• Use a combination of uppercase and lowercase letters, numbers, and symbols.
• Create unique passwords for each account and ensure each one is different from the last
• Use multifactor authentication when available
• Don’t use personal dates, names, messages or common words as your password
• Continue to check for malware updates on your devices and keep them up to date
• Change your password immediately if you suspect it may have been compromised.