No, you can’t use “password” either.

Share story

Microsoft wants you to stop using “password” as your account password, and the company knows just how to do that — ban it outright.

The company wrote in a technical blog, noticed by online news site Mashable, that it will ban users from setting up some of the most commonly used passwords.

Microsoft hopes the practice will increase security for user accounts, as those with passwords such as “football” and “12345” are some of the most susceptible to hackers.

If users try to set up an account with many of the passwords found on the annual Worst Passwords List put together by SplashData, Microsoft will show a red warning that says, “Choose a password that’s harder for people to guess.”

The feature is live across commonly used Microsoft accounts such as Outlook and Xbox Live, and will soon apply to the Azure Active Directory.

Cybercriminals use commonly used passwords to force their way into accounts, Microsoft director of program management Alex Simons wrote in the blog.

“What we do with the data is prevent you from having a password anywhere near the current attack list, so those attacks won’t work,” he wrote.

The system isn’t completely foolproof. Ars Technica tried some variations of the commonly used passwords and got a green light.