
This is a very smh facepalm bridgepinch sigh moment, where Microsoft could have taken the high road and gently educated users by restricting insecure passwords instead of blocking their use entirely. A simple bit complexity algorithm like what KeePass uses could determine a threshold beneath which restrictions on adding/using passwords could start to bite.

I only use their app for Microsoft resources, as the 2FA and other security features are stronger through the app than through other 2FA channels. The 2FA itself, for example, is plumped up from 6 to 8 digits. And there is a challenge/response code you can use as well.

But still, IMO this was a massive missed opportunity.


