Microsoft Account Lockout Saga: LibreOffice Developer's Seven-Day Ordeal Sparks Controversy
A recent incident involving Russian developer Mike Kaganski, a member of the LibreOffice development team, has highlighted the danger of relying solely on one cloud-based system, particularly for backups. Kaganski was locked out of his Microsoft account after sending an email containing notes on code bugs and potential fixes.
The incident underscores the importance of maintaining backup strategies, secure password practices, and two-factor authentication (2FA) methods to prevent issues like account lockouts on Microsoft services.
Backup Strategies
An emergency kit containing critical credentials and recovery codes is essential. This kit should include your computer login passwords, all 2FA recovery codes, passkey recovery codes, and backup codes for email accounts. Store multiple copies securely in separate safe locations, either as a physical paper copy or an encrypted digital file.
Secure Password Practices
Windows 11's latest versions enforce account lockout policies by default, locking accounts after 10 failed sign-in attempts for 10 minutes to prevent brute-force attacks. Use complex passwords that comply with Microsoft’s enforced policies, especially for local administrators, to reduce the risk of lockouts due to repeated failed attempts. Consider using password managers secured with a master password protected by passkeys or 2FA to safely manage complex passwords.
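The lockout policy above can be checked rather than assumed. The following PowerShell is an added example, not code from the article or from Microsoft: it parses the output of the built-in `net accounts` command and reports whether the local lockout threshold and duration match the 10-attempt / 10-minute baseline the section describes. It assumes an elevated PowerShell session on Windows 11 and English (en-US) labels in the `net accounts` output; the function names and the baseline values passed as parameters are the example's own.

```powershell
# Added example (not from the article): audit the effective local account lockout
# policy against the default the article describes (10 failed attempts, 10-minute lockout).
# Assumes an elevated session and en-US output labels from 'net accounts'.

function Get-LocalLockoutPolicy {
    # 'net accounts' prints the effective local policy as "Label:   value" lines.
    $raw = net accounts 2>&1
    $policy = @{ Threshold = $null; DurationMinutes = $null; WindowMinutes = $null }
    foreach ($line in $raw) {
        if ($line -match '^Lockout threshold:\s+(.+?)\s*$') {
            # Prints "Never" when no threshold is configured (unlimited failed attempts).
            $policy.Threshold = $Matches[1]
        }
        elseif ($line -match '^Lockout duration \(minutes\):\s+(\d+)') {
            $policy.DurationMinutes = [int]$Matches[1]
        }
        elseif ($line -match '^Lockout observation window \(minutes\):\s+(\d+)') {
            $policy.WindowMinutes = [int]$Matches[1]
        }
    }
    return [pscustomobject]$policy
}

function Test-LockoutPolicyBaseline {
    param(
        [int]$ExpectedThreshold = 10,   # failed sign-ins before lockout (article's default)
        [int]$ExpectedDuration  = 10    # minutes the account stays locked (article's default)
    )
    $p = Get-LocalLockoutPolicy
    $findings = @()

    if ($null -eq $p.Threshold) {
        $findings += "Could not parse 'net accounts' output (non-English locale?)."
    }
    elseif ($p.Threshold -eq 'Never') {
        # No threshold means an online brute-force attack against a local account is never slowed down.
        $findings += "Lockout threshold is 'Never': local accounts have no brute-force protection."
    }
    elseif ([int]$p.Threshold -gt $ExpectedThreshold) {
        $findings += "Lockout threshold $($p.Threshold) is looser than the expected $ExpectedThreshold."
    }

    if ($null -ne $p.DurationMinutes -and $p.DurationMinutes -lt $ExpectedDuration) {
        $findings += "Lockout duration $($p.DurationMinutes) min is shorter than the expected $ExpectedDuration."
    }

    [pscustomobject]@{
        Policy    = $p
        Compliant = ($findings.Count -eq 0)
        Findings  = $findings
    }
}

# Usage: print the policy and any gaps found.
$result = Test-LockoutPolicyBaseline
$result.Policy
if ($result.Compliant) { 'Lockout policy matches the baseline.' } else { $result.Findings }
```

If the threshold is reported as `Never`, the default described above has not taken effect on that machine (for example on an image built from an older Windows release), and the policy should be set explicitly through Local Security Policy or Group Policy before treating the lockout defence as present.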
Two-Factor Authentication (2FA) Methods
Enabling 2FA or passwordless login methods significantly enhances account security and helps avoid lockouts triggered by unauthorized access attempts. Microsoft recommends enabling 2FA or passwordless login methods such as facial recognition or fingerprint scanning where available. Save all recovery codes for 2FA in your emergency kit to regain access if 2FA devices are lost or inaccessible.
Additional Measures
Keep Windows 11 updated to benefit from the latest security enhancements, such as improved Defender SmartScreen, Credential Guard, and account lockout policies that protect against brute-force and remote attacks. Enabling device encryption with BitLocker backed by TPM and Secure Boot also safeguards data in case of physical device attacks.
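Whether BitLocker, the TPM and Secure Boot are actually in place is easy to verify. The following PowerShell is an added example, not code from the article or from Microsoft: it uses the built-in `Get-Tpm`, `Confirm-SecureBootUEFI` and `Get-BitLockerVolume` cmdlets to report the state of each protection on the OS volume, and it also checks for a recovery password protector, since that recovery password is exactly the kind of item the emergency kit section says to keep offline. It assumes an elevated PowerShell session on Windows 11 with the built-in BitLocker and TrustedPlatformModule modules available; the function names are the example's own.

```powershell
# Added example (not from the article): report whether TPM, Secure Boot and
# BitLocker protect this machine's OS volume. Assumes an elevated session on
# Windows 11 with the BitLocker and TrustedPlatformModule modules present.

function Get-DeviceProtectionReport {
    $report = [ordered]@{}

    # TPM presence and readiness (Get-Tpm requires elevation).
    try {
        $tpm = Get-Tpm
        $report.TpmPresent = [bool]$tpm.TpmPresent
        $report.TpmReady   = [bool]$tpm.TpmReady
    }
    catch {
        $report.TpmPresent = $false
        $report.TpmReady   = $false
    }

    # Secure Boot state; the cmdlet throws on legacy BIOS (non-UEFI) firmware.
    try   { $report.SecureBoot = [bool](Confirm-SecureBootUEFI) }
    catch { $report.SecureBoot = $false }

    # BitLocker state of the OS volume and the protectors that seal its key.
    $os = Get-BitLockerVolume -MountPoint $env:SystemDrive
    $types = @($os.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
    $report.OsVolumeEncrypted        = ($os.ProtectionStatus -eq 'On')
    $report.TpmProtector             = [bool]($types | Where-Object { $_ -like 'Tpm*' })
    # A recovery password is what belongs in the emergency kit: without one, a
    # TPM-sealed volume cannot be unlocked after a firmware or mainboard change.
    $report.RecoveryPasswordProtector = ($types -contains 'RecoveryPassword')

    return [pscustomobject]$report
}

function Test-DeviceProtectionBaseline {
    $r = Get-DeviceProtectionReport
    $gaps = @()
    if (-not $r.TpmReady)          { $gaps += 'TPM is absent or not ready.' }
    if (-not $r.SecureBoot)        { $gaps += 'Secure Boot is off or the firmware is not UEFI.' }
    if (-not $r.OsVolumeEncrypted) { $gaps += "BitLocker protection is off on $env:SystemDrive." }
    elseif (-not $r.TpmProtector)  { $gaps += 'OS volume is encrypted but its key is not sealed to the TPM.' }
    if (-not $r.RecoveryPasswordProtector) {
        $gaps += 'No recovery password protector: add one and store it in the emergency kit.'
    }

    [pscustomobject]@{
        Report    = $r
        Compliant = ($gaps.Count -eq 0)
        Gaps      = $gaps
    }
}

# Usage: show the per-control state and any gaps.
$result = Test-DeviceProtectionBaseline
$result.Report
if ($result.Compliant) { 'Device protection matches the baseline.' } else { $result.Gaps }
```

The recovery password check is deliberately separate from the encryption check: a volume can show `ProtectionStatus` of `On` and still be unrecoverable if the only protector is the TPM and the hardware changes, which is the device-level equivalent of the cloud account lockout the article describes.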
In summary, creating and securely storing an emergency kit, using strong, complex passwords and a password manager protected by a master password plus 2FA, enabling 2FA or passwordless methods, keeping Windows 11 fully updated, and considering enabling BitLocker device encryption with TPM and Secure Boot can help prevent account lockouts and mitigate risks from brute-force attacks or loss of access due to forgotten credentials or device failure.
Mike Kaganski, despite regaining access to his Microsoft credentials after a week, has expressed a soured impression of Microsoft due to the length of time taken to recover his account. Backing up a Windows 11 PC and its files only goes so far in limiting the damage of an account lockout. It is recommended to keep physical backups of data before relying on cloud backups.
The password to a Microsoft account should be the most secure password you use. In case of an account lockout, it may be necessary to contact Microsoft support through alternative means, such as a family member's account. Microsoft support suggested providing a phone number as a verification method, but this reportedly wasn't working.
Use 2FA methods other than email sent to the same Outlook account, so that a bad actor who gains access to that Outlook mailbox cannot use it to take over the account and the other passwords it can reset. External hard drives and USB flash drives are suggested for physical backups.
In conclusion, implementing these measures helps ensure the security of your digital identity and protects against account lockouts on Microsoft services for Windows 11 users.
- An emergency kit containing critical credentials and recovery codes is essential for Windows 11 users, including computer login passwords, all 2FA recovery codes, passkey recovery codes, and backup codes for email accounts.
- To prevent brute-force attacks and account lockouts, Windows 11's latest versions enforce account lockout policies, locking accounts after 10 failed sign-in attempts for 10 minutes.
- Enhancing account security on Microsoft services can be achieved by enabling 2FA or passwordless login methods such as facial recognition or fingerprint scanning, and securing complex passwords with password managers.
- For maximum security, consider backing up files both on Windows 11 PCs and physically on external hard drives or USB flash drives.
- In the case of account lockouts, contact Microsoft support using diverse methods, such as through a family member's account or suggested phone verification, to avoid potential issues with email-based 2FA.