Click to Skip Ad
Closing in...

Now they tell us: Microsoft says strong passwords are overrated

Published Jul 16th, 2014 6:45PM EDT
Best Password Tips Microsoft

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

You know all the time and trouble you put into making and memorizing unique strong passwords for every website you visit? Well, Microsoft says a lot of that was likely misspent energy. The Guardian informs us that new research from Microsoft (PDF) shows that we probably shouldn’t use strong passwords for all our websites and that having weak passwords will suffice in many circumstances.

Microsoft does say that unique strong passwords have their uses, of course, it’s just that they should be saved for websites that really do contain sensitive information such as online banking. Microsoft also points out the risks of using password managers like 1Passwsord and LastPass — namely, if a hacker somehow figures out how to hack into your password vault, you’re basically screwed because they’ll be able to access every one of your online accounts all in one place.

“Strategies to cope with the human impossibility of using strong passwords everywhere without re-use include single-sign-on, use of email-based password reset mechanisms, and password managers,” the researchers write before noting that the “main risk” with these strategies is that “portability across different client devices is lost as the passwords (if they are unique and random) are effectively anchored to the client on which they are stored.”

So instead of using password managers or creating complex passwords for every site, you should feel free to use simple passwords for, say, your Reddit and Disqus accounts while saving your most complicated and unique passwords for your bank account.

Brad Reed
Brad Reed Staff Writer

Brad Reed has written about technology for over eight years at BGR.com and Network World. Prior to that, he wrote freelance stories for political publications such as AlterNet and the American Prospect. He has a Master's Degree in Business and Economics Journalism from Boston University.