Geekzone: technology news, blogs, forums


Kyanar

3910 posts

Uber Geek

Trusted
Subscriber

#239317 11-Jul-2018 21:41

So last night I casually turn on the Xbox to try and get a bit of gaming in before doing some work. "Sorry, sign in using a controller". Huh, OK, do that. "Sorry, something's wrong. You need to sign in on the web". That's new, so off to the laptop to sign in - "Your Microsoft account has been temporarily suspended. Please contact customer support and we'll ask you some questions and help you make sure your account is secure".

 

Contact Support. No option to phone, or email, just fill in a form. Fill in the form, "we'll contact you within 24 hours". Sorry, what? You've locked me out of paid services for an indeterminate amount of time and the only recourse is filling in a form and we'll get back to you? Chat support - "no, you have to wait for online safety to get back to you". Partner support - "that's odd, let me try fix that. Try resetting your password using this link, that'll fix it" - great, two factor comes in handy! - nope, the authenticator code works, but it requires another factor and all of those are "service temporarily unavailable". "Sorry, you'll have to wait for online safety".

 

24 hours later and, you guessed it! No contact back. Still locked out of tons of paid services, and everyone just says "sorry the automated system locked you out, but you have to wait for online safety to review and fix it".

 

If you can't meet your own stated timeframes for a response to automatically locking people's accounts that actually have your 2-factor that's supposed to prevent this, I would submit maybe you shouldn't be automatically locking people's accounts!

 

Meanwhile, anyone know anyone at Microsoft?


freitasm
BDFL - Memuneh
76856 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2054628 11-Jul-2018 22:02

Arghhhh. Sorry to hear that

@nathan is still there.




Kyanar

3910 posts

Uber Geek

Trusted
Subscriber

  #2054632 11-Jul-2018 22:08

It is a ... thrilling experience I do say! I'm not sure why companies put so much trust in their automated processes to take such drastic actions to be honest.

 

With that said though, I thought two factor authentication was supposed to make this sort of thing a thing of the past? We accept a minor inconvenience to our authentication to be secure in the knowledge that no-one else can access our accounts?


SaltyNZ
7244 posts

Uber Geek

Trusted
2degrees
Lifetime subscriber

  #2054707 12-Jul-2018 07:44

Kyanar:

 

It is a ... thrilling experience I do say! I'm not sure why companies put so much trust in their automated processes to take such drastic actions to be honest.

 

With that said though, I thought two factor authentication was supposed to make this sort of thing a thing of the past? We accept a minor inconvenience to our authentication to be secure in the knowledge that no-one else can access our accounts?

 

 

 

 

Indeed, you can easily see some less drastic compromises - for example, instead of locking you out of the account, perhaps merely lock new purchases or trades or in-game items. That way you can at least still play while the account problem is sorted out, and if your account *is* compromised, then the hacker can play your games, which affects nobody.






 

These comments are my own and do not represent the opinions of 2degrees.




Kyanar

3910 posts

Uber Geek

Trusted
Subscriber

  #2054738 12-Jul-2018 09:00

SaltyNZ:

 

Indeed, you can easily see some less drastic compromises - for example, instead of locking you out of the account, perhaps merely lock new purchases or trades or in-game items. That way you can at least still play while the account problem is sorted out, and if your account *is* compromised, then the hacker can play your games, which affects nobody.

 

 

It's actually more drastic than that. I'm locked out of Partner Membership Centre and MAPS Licensing, Azure Admin Console, Office 365 Admin, and any third party websites where I use the Microsoft account to sign in.

 

Rest assured, one takeaway is I'll never trust Microsoft to be my authentication provider for third party services again.

 

Would you believe if you use a Microsoft account to sign into Windows, it even locks you out of your computer? And if you use Visual Studio or Office 365 licensed to that login, it literally expires your products?

 

With them tying this many paid (expensive even!) services to that login, "temporarily suspended" with no accountability is not an acceptable method of account security.


freitasm
BDFL - Memuneh
76856 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2054756 12-Jul-2018 09:16

I will ask around.






dolsen
1448 posts

Uber Geek

Trusted
Lifetime subscriber

  #2054768 12-Jul-2018 09:29

Kyanar:

 

Would you believe if you use a Microsoft account to sign into Windows, it even locks you out of your computer?

 

 

Hmm, time to re-think my setup. I've just moved to using my Microsoft account for authentication on all of my machines instead of a local account. Looks like that was a mistake and I shouldn't be trusting of Microsoft for basic stuff like this.

 

 


paulb001
40 posts

Geek

Trusted

  #2054776 12-Jul-2018 09:44

Hi there, sorry you've had an issue with your Microsoft Account. As this is a consumer service you can log a support request at https://support.microsoft.com/en-nz/help/10494/microsoft-account-get-back-compromised-account

We can try and help locally from MicrosoftNZ - please email the details of the case, including Microsoft Account email address, separate backup mail address and contact number to nzcloud@microsoft.com and we will escalate to our consumer support team.

Thanks for the heads up Mauricio!







Kyanar

3910 posts

Uber Geek

Trusted
Subscriber

  #2054826 12-Jul-2018 10:19

Thanks Paul, much appreciated. I would suggest for Microsoft it might be worth a review into whether this type of case should result in disabling access to Windows and other local software such as Visual Studio. I know that the Windows support team can unlink your Microsoft account remotely (or at least, I think that's what they were saying when I asked?) but calling support by phone is unlikely to be the first thing a consumer thinks of when Windows says "Sorry, something's wrong with your account. Sign in on the web" (which has its own set of issues if that's their only PC). 


gehenna
8092 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #2054833 12-Jul-2018 10:28

Kyanar:

 

It's actually more drastic than that. I'm locked out of Partner Membership Centre and MAPS Licensing, Azure Admin Console, Office 365 Admin, and any third party websites where I use the Microsoft account to sign in.

 

 

I'm curious as to why you're using the same account for a personal service like Xbox as you are for corporate services like Azure and 365?


paulb001
40 posts

Geek

Trusted

  #2054941 12-Jul-2018 12:17

gehenna:

 

Kyanar:

 

It's actually more drastic than that. I'm locked out of Partner Membership Centre and MAPS Licensing, Azure Admin Console, Office 365 Admin, and any third party websites where I use the Microsoft account to sign in.

 

 

I'm curious as to why you're using the same account for a personal service like Xbox as you are for corporate services like Azure and 365?

 

 

Agree, best practice would be a consumer account for "consumer stuff". I suspect the O365 one is a personal subscription to a retail version of O365 [Home/Personal]. Azure can and should be switched to OrgID/Azure AD, and MPN [Partner network, Microsoft Action Pack etc] etc should be a separate MSA account.

 

The account must have been compromised in some way... For anyone reading this, if you don't have MFA turned on, do it now... the Internet can be a bad place!

 

 





paulb001
40 posts

Geek

Trusted

  #2054946 12-Jul-2018 12:22

Kyanar:

 

Thanks Paul, much appreciated. I would suggest for Microsoft it might be worth a review into whether this type of case should result in disabling access to Windows and other local software such as Visual Studio. I know that the Windows support team can unlink your Microsoft account remotely (or at least, I think that's what they were saying when I asked?) but calling support by phone is unlikely to be the first thing a consumer thinks of when Windows says "Sorry, something's wrong with your account. Sign in on the web" (which has its own set of issues if that's their only PC). 

 

 

Quick update, we have escalated this internally. You should not be relying on a consumer login service as your only authentication to Windows, or O365, or VS - If you are a business, then you should use O365 Commercial services (you cannot use O365 Home/Personal for business use), which gives you an Azure AD account, and you can use this to join your device and access other services!

 

https://docs.microsoft.com/en-nz/azure/active-directory/device-management-azuread-joined-devices-frx 





Kyanar

3910 posts

Uber Geek

Trusted
Subscriber

  #2055179 12-Jul-2018 16:08

paulb001:

 

Agree, best practice would be a consumer account for "consumer stuff". I suspect the O365 one is a personal subscription to a retail version of O365 [Home/Personal]. Azure can and should be switched to OrgID/Azure AD, and MPN [Partner network, Microsoft Action Pack etc] etc should be a separate MSA account.

 

The account must have been compromised in some way... For anyone reading this, if you don't have MFA turned on, do it now... the Internet can be a bad place!

 

 

The account does have MFA - which is what confuses me. Anyways, it's mostly a case of an ancient legacy - I created the account so long ago back when I couldn't be bothered maintaining multiple accounts for things (since then I use password managers with complex passwords I couldn't remember if I tried, except for my online banking which is literally the weakest login I have).

 

The O365 and Azure admin stuff is actually attached to the AAD Tenant (good news) but annoyingly, MPN and MAPS refuse to allow attaching to an AAD account. Which is weird, because if you're signed into one when you go to PMC it actually says you're logged in but it can't find a partner association, it's just the onboarding that won't accept it for no good reason :(

 

Hopefully everyone is learning what you should and shouldn't do with an MSA though! We've long been prodded to use it as a way of logging into third party sites and even Windows itself, and it seems that may not actually be a good idea...

