Xbox LIVE security improvement details

Time to update those passwords, people.

Tarryn van der BylJuly 19, 2012

Evil people who want control of your Xbox LIVE account for their own evil purposes are not going away any time soon, but Microsoft is working hard to minimise those risks for you.

There’s not much they can do about you clicking through to a page advertising 1,000 free Xbox LIVE Arcade games every day for the rest of your life if you just log in over here, of course, but for everything else, there’s a security policy. Also, maybe don’t click through to those sorts of pages.

In a guest post over on Xbox.com’s forum front page, Xbox LIVE general manager Alex Garden explains the what, how, and why of online safety at Microsoft HQ:

We’ve increased notifications to members whose accounts may be compromised to add proofs, update their passwords, and, if necessary, contact Xbox support. This helps our team lock down an account quickly, investigate and restore the account to the rightful owner.
We’ve taken legal action to pull down online posts of gamertags, usernames and passwords gathered from malware or phishing schemes to help protect our members.
Our Xbox LIVE Spring update included many behind the scenes improvements that help us build on security enhancements for the near future.
We’re sending unique codes to the security phone numbers and secondary email addresses provided by members to verify authorisation for Xbox.com purchases or account change attempts not stemming from a member’s trusted device.
We’re working to reduce market incentives for criminal activity. Engaging in identity theft, trading in stolen accounts and committing credit card fraud are illegal and violate our Terms of Use. Those involved in these activities risk criminal prosecution, account and console bans. That goes for both sellers and buyers of known stolen accounts and content.

He also suggests that users update their security information and change their passwords if they’ve not done so recently, reminding everybody at the same time that passwords like “password” are still among the most popular passwords and therefore probably not very good passwords (seriously). Make that your project today, champ.