Password! Password!! Password!!!

What is worse then having a week password? Storing your password in clear text. Fortunately/Unfortunately It is nothing to do with you.

WP Sauce reports an attack took place yesterday, with the EvilShadow team replacing the front page to Microsoft’s online India store

with a page called evil.html. The site is still currently down.

Microsoft cleaned up their server, but the site is still down

at http://www.microsoftstore.co.in/

The worst part of the story is the hackers has released user name and password combinations that were saved in plain text by Microsoft. Yes Microsoft stored your password in clear text.

Microsoft really needs to re-think security approach for their existing and upcoming services.   Users has been victim of their poor design for years. I still do not have confidence using my windows machine as a secured console if it is more then couple of weeks old.

Security is something which should always have multilayer approach. Storing password in plane text is surely not one of them as a matter of fact this is so naïve that even a small business admin could get fired for doing something like that in their production environment.

If you used your password with Microsoft India store, you should be changing it as soon as their service becomes available. I am amusing you cannon change it until the service is back online, unless this is a Microsoft passport password!!!

Good luck Microsoft and to us 😉