Security Breach ***Serious*** (Yes you should read this)

Greetings, 

The following has come to my attention, thanks to another person who discovered it. 

Using the old skype name, for example xxxxx and a password which is *different* than your xxxxx  @email.here someone who got access to said OLD password could log in email and skype.

Changing microsoft account password, for example changing password for "xxxxx"  @email.here which i was using for logging in into my email or microsoft account, did NOT change the password of just xxxxx (with no @email.here)

So for the same account, there are TWO doors, each with its own password.

I changed password for my account so many times, and i didn't know that someone could still log in with just "xxxxx" and his own password.

someone had access to my skype and email  and i didnt know how or why.

changed passwords, reinstalled windows, again he had access and i couldnt figure out why. 2way security doesn't work, changing passwords doesnt work, that security hole still has its own pass.

My first question is:  Why are there two ways to log into Microsoft, each with its own password.

2nd question: i hadn't use the old skype name, namely just "xxxxx" as i was logging in skype with *** Email address is removed for privacy *** +my pass.

How was i supposed to know, that even if i changed password 100times, "xxxxx" would still have the same password from 10 years ago.

And last question, how can i disable that access, delete it, and just have one way to log into microsoft, mail and skype etc. *** Email address is removed for privacy *** and not just xxxxx.

how could microsoft leave a security hole like this!

I got a mail stating that someone was changing my security info, i went into my microsoft account and everything was normal.

Luckily i found a person who found what the problem was. So i tried to log in with just "xxxxx" and no emal afterwards, and after changing that password THEN i received a message about my account being compromised! 2 different accounts with their own passwords for my account. but both of them led to my email and  my skype

 

I seriously dont know how a Serious company like Microsoft did something like this. Old skype accounts still have their own pass and their own access. And users like me had no idea. Even if you change password every day, that one never changes.

Sorry if i was a bit "energetic" on this one, i spent a lot of time to figure out what the problem was. And if i didn't solve it, someone would have connected my account to a different email and lock me out after 30 days. And i didnt know why skype was slow, like it was open on many devices, even after i changed passwords. Luckily the person tried to change emails and i found the "hole".

tl;dr 

Old skype name, with no @email.here after the name, still has its own pass and said pass doesnt change when you change your mail or skype password, but it still gives access to them. 

*edited for clarification

Answer
Answer

We appreciate the time and effort spent to isolate your concern. We know the importance to have a secured Microsoft account, and our best practice that we suggest is to create a strong password for your account and never share it to anyone, use the Microsoft Authenticator phone app, get the latest update for your operating system, check the recent activity on your account and manage trusted devices. See this article for more information.

Issues regarding Skype account will be best handled by our Skype Support Team. We suggest that you contact our Skype expert to further assist you regarding account related concern. You may see this link for the steps about how to contact our Skype support and refer to Andre for Directly post.

Should you still need assistance, feel free to reply to this thread.

1 person found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info


Last updated January 6, 2021 Views 375 Applies to: