• Possible security issue with new Microsoft sign-in change.

    Home » Forums » Cyber Security Information and Advisories » Cyber Security for Home Users » Possible security issue with new Microsoft sign-in change.

    • This topic has 7 replies, 6 voices, and was last updated 3 months ago.
    Author
    Topic
    n0ads
    AskWoody Lounger
    January 24, 2025 at 10:16 am #2742150

    Microsoft is changing the way you sign in – and it could be a security nightmare – ZDnet

    Avoid staying signed in on a public computer – Microsoft

    The web browser sign-in experience is changing when you sign in to any product or service using your Microsoft account. Starting in February 2025, you will stay signed in automatically unless you sign out or use private browsing.

    If you sign in on your own computer, your browser will remember your sign-in information, but if you sign in on a computer, phone or tablet that doesn’t belong to you, or is accessed by other people, you should follow the steps below to use a private browsing window instead.

    Seems to me this is an extremely bad idea!

     

    Reply | Quote
    Viewing 4 reply threads
    Author
    Replies
    • Mike
      Guest
      January 24, 2025 at 12:51 pm #2742184

      Modern MSFT yearns for and fully embraces bad ideas.

      Having said that– If you’re serious about security, don’t ever login from a public computer and always logout when finished.

      Reply | Quote
    • PKCano
      Manager
      January 24, 2025 at 12:51 pm #2742188

      Moral of that story – don’t ever use a Microsoft ID

      5 users thanked author for this post.
      Cybertooth, RetiredGeek, Alex5723, n0ads, bbearren
      Reply | Quote
      • Microfix
        AskWoody MVP
        January 25, 2025 at 12:03 pm #2742386
        PKCano wrote:

        don’t ever use a Microsoft ID

        Haven’t and quite smugly content avoiding that situation as it stands 🙂

        Although a mandatory OS microsoft ID can’t be that far away.!

        That’ll be the day MSFT gets ditched from our internet facing devices
        and my pre-emptive ‘contingency plan C’ strategy comes into force..

        Windows - commercial by definition and now function...
        1 user thanked author for this post.
        Cybertooth
        Reply | Quote
      • bbearren
        AskWoody MVP
        February 18, 2025 at 11:06 am #2749349
        PKCano wrote:

        Moral of that story – don’t ever use a Microsoft ID

        I use OneDrive, so I use a Microsoft account, although it isn’t a “Microsoft” account. OneDrive signs in when I sign in to my PC, but it does it online, not from my PC, as I don’t have a Microsoft account on the PC, only local accounts.

        Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
        We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.
        We were all once "Average Users".
        Computer Specs

        Reply | Quote
    • Paul T
      AskWoody MVP
      January 24, 2025 at 2:51 pm #2742218
      Mike wrote:

      If you’re serious about security, don’t ever login from a public computer and always logout when finished

      This is a contradiction. Did you leave bits out?

      cheers, Paul

      1 user thanked author for this post.
      George1
      Reply | Quote
    • b
      AskWoody_MVP
      January 25, 2025 at 2:06 pm #2742449

      After logging into a site with your Microsoft account in private mode, your credentials are automatically removed after you exit the site.

      Another secure option is to use a passkey, which Microsoft supports across its websites. To set this up, check out the directions in Microsoft’s support page on signing in with a passkey.

      Reply | Quote
    • b
      AskWoody_MVP
      February 18, 2025 at 8:40 am #2749317

      Microsoft isn’t automatically keeping you signed in to your account just yet 🙄

      “There will be no changes to Microsoft users’ commercial (Microsoft Entra) or consumer (Microsoft account) sign in experiences in February,” confirms Alex Simons, corporate vice president of identity & network access program management at Microsoft, in a statement to The Verge. “Media reports were based on incomplete information mistakenly published by a Microsoft product team. The incorrect notifications have been removed.”

      Microsoft’s account changes aren’t coming in February, following mistaken notifications.

      Reply | Quote
    Viewing 4 reply threads
    Reply To: Possible security issue with new Microsoft sign-in change.

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.