Latest in Gaming

Image credit:

Microsoft adjusts reported Live ID security concern


Microsoft has quietly altered its Windows Live ID login in response to a reported security concern. Last week, a brute force hack was exposed, with Microsoft's phrasing of error codes and infinite attempts to access accounts helping hackers along. The security flaw gained more exposure due to the ongoing "FIFA hack" and related security concerns.

"Before it would just let you try over and over," Jason Coutee, the IT consultant credited with exposing the flaw, wrote Joystiq. "But now ... they handle the sign in request on the server in a way that it will stop replying after about 20 attempts."

Coutee feels that Microsoft tightened the security, but didn't make any noticeable changes on the front end.

"Good news is that at least they lengthened the time it would take to brute force Live IDs."

Microsoft notes that the exploit was not a loophole in, but a brute force attack that is an "industry-wide issue."

From around the web

ear iconeye icontext filevr