SKYPE DOWN PASSWORD
Either way, you won't be able to use your old Skype password anymore, and attackers will have to know the email address associated with your account. You can continue using this or disable it under the aliases preferences, to ensure nobody can try to sign in with your Skype username. Once the two accounts are properly merged, Microsoft creates a Skype alias to let you keep signing in with a Skype username. Secure your Skype and Microsoft Account immediately
If you've already linked a Microsoft Account to Skype, then you'll need to "update" your Skype account to ensure it's fully merged over at Microsoft's account page. The ability to bypass Microsoft's two-factor authentication is yet another dent in Skype's security.ĭespite this glaring hole, Microsoft has a fix, but it's not making it very clear to users who have already linked accounts or automatically fixing it for them. It was an embarrassing security hole that was fixed the same day, but it knocked confidence in Microsoft's approach to securing Skype.
SKYPE DOWN PATCH
Microsoft had to patch a major flaw that left Skype accounts open to attack if you knew the associated email address back in 2012. It's a bizarre situation that highlights Microsoft's challenges of integrating Skype, while upgrading its aging infrastructure away from a peer-to-peer service. I thought I was protected by Microsoft's two-factor authentication, but I wasn't.Īs if Skype isn't bad enough as an app, Microsoft has two separate login mechanisms. I even tested this on my own personal accounts, and I was able to log into my Skype account with an old password despite linking it to my Microsoft Account months ago. The Microsoft employee had used two-factor authentication, but hackers were able to log in using an old Skype username and password combination. I spoke to a Microsoft employee, on condition of anonymity, who had a Skype account breached recently. Your Skype account might not be as secure as you think If that password isn't secure or you used it elsewhere then hackers can use it to gain access to Skype, bypassing any two-factor authentication provided by Microsoft. If you already enabled this months ago, it turns out that Microsoft has kept your original Skype account password separate so that it can still be used to access the service with a Skype username. Microsoft offers the ability to link a Skype and Microsoft Account together to make sign-in and security easier.
This year's attack appears to be growing in size, and Skype users might think they're protected by Microsoft's two-factor security, when in reality they're probably not.
SKYPE DOWN UPDATE
We continue to take steps to harden the login process and recommend customers update their Skype account to a Microsoft account to benefit from added protections such as two-factor authentication." "There is no breach of Skype security, instead we believe criminals are using username and password combinations obtained illegally to see if they exist on Skype. "Some Skype customers have reported their accounts being used to send spam," says a Microsoft spokesperson in a statement to The Verge. Microsoft says there is no breach of Skype security Skype has fallen victim to similar attacks before, and hackers were able to spoof messages on the system last year after using lists of stolen usernames and passwords to gain access to accounts. Breached Skype accounts are used to send thousands of spam messages before they're locked and the owners have to regain access. That wasn't the case, though.Ī thread on Microsoft's Skype support forums reveals this has been occurring to hundreds of Skype users since at least August. All were surprised to see their accounts breached, and some believed they were protected by Microsoft's two-factor authentication. In the past couple of weeks, I've received spam links to Baidu from six of my Skype contacts, one of whom works for Microsoft's PR agency and another is a former Microsoft employee.
If you've received a weird message on Skype with a link to Baidu or LinkedIn recently, you're not alone.
0 kommentar(er)
