{"id":89480,"date":"2019-05-30T09:00:42","date_gmt":"2019-05-30T16:00:42","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=89480"},"modified":"2023-05-15T23:00:28","modified_gmt":"2023-05-16T06:00:28","slug":"demystifying-password-hash-sync","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/","title":{"rendered":"Demystifying Password Hash Sync"},"content":{"rendered":"<p>This blog is part of a series of posts providing a behind-the-scenes look of Microsoft\u2019s Detection and Response Team (DART). While responding to cybersecurity incidents around the world, DART engages with customers who are wary about using Password Hash Sync (PHS) or are not utilizing this service\u2019s full capabilities. As customers can gain tremendous security benefits using the full capabilities of this service, we want to demystify PHS.<\/p>\n<h3>What PHS is and is not<\/h3>\n<p>What is PHS? First, let\u2019s start with what it is not. PHS doesn\u2019t sync actual passwords. Rather, it syncs the hashes of passwords, which have all undergone a per-user salt and 1,000 iterations of the HMAC-SHA256 key hashing algorithm, before being sent to Azure Active Directory (Azure AD). Through our hands-on experiences, we\u2019ve learned that many companies believe that Microsoft may have access to users&#8217; passwords. Microsoft is committed to protecting your privacy, and it\u2019s important to note that the SHA256 hash cannot be decrypted\u2014so the plain-text version of the password is never and can never be exposed to Microsoft.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-1.png\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-89484 size-full\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-1.png\" alt=\"Microsoft is committed to protecting your privacy, and it\u2019s important to note that the SHA256 hash cannot be decrypted.\" width=\"1864\" height=\"811\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-1.png 1864w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-1-300x131.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-1-768x334.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-1-1024x446.png 1024w\" sizes=\"(max-width: 1864px) 100vw, 1864px\" \/><\/a><\/p>\n<p>The second important consideration of PHS is that, with PHS your Identity Management provider is moved from your current provider to Azure AD. This allows the organization to move from an Identity Management provider\u2014which is typically an on-premises server and requires maintenance and potentially server downtime\u2014to a platform-as-a-service (PaaS) provider.<\/p>\n<p>From a security perspective, organizations gain significant reliability advantages and improved capabilities by moving to PHS, including Smart Lockout, IP Lockout, and the ability to discover leaked credentials, as well as the benefits of utilizing Microsoft\u2019s billions of worldwide data points as additional layers of security to your organization\u2019s environment.<\/p>\n<p>More about these key features:<\/p>\n<ul>\n<li>Smart Lockout assists in blocking bad actors who are attempting to brute force passwords. By default, Smart Lockout locks the account from sign-in attempts for one minute after ten failed attempts. Smart Lockout tracks the last three bad password hashes to avoid re-incrementing the lockout counter. For more information Smart Lockout, see <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-password-smart-lockout\" target=\"_blank\" rel=\"noopener noreferrer\">Azure AD Smart Lockout<\/a>.<\/li>\n<li>IP Lockout works by analyzing those billions of sign-ins to assess the quality of traffic from each IP address hitting Microsoft\u2019s systems. With that analysis, IP Lockout finds IP addresses acting maliciously, such as an IP that is password spraying the tenant, and blocks those sign-ins in real-time, while allowing the real user to continue to successfully sign in.<\/li>\n<li>Microsoft Leaked Credentials Service acquires username\/password pairs by monitoring public web sites and the Dark Web and by working with:\n<ul>\n<li>Researchers<\/li>\n<li>Law enforcement<\/li>\n<li>Microsoft Security teams<\/li>\n<li>Other trusted sources<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p style=\"padding-left: 45px;\">When the service acquires username\/password pairs, the passwords are sent through the same hashing algorithm and are checked against Azure AD users&#8217; password hashes. When a match is found (indicating a compromised credential), a &#8220;Leaked Credentials Risk Event&#8221; is created. Please see <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/concept-risk-events\" target=\"_blank\" rel=\"noopener noreferrer\">Azure AD Risk Events<\/a> for\u00a0additional information regarding Leaked Credentials.<\/p>\n<p>Another important benefit to PHS is that, should your tenant experience a Denial of Service (DoS) and\/or Password Spray attack, Microsoft will take the brunt of that traffic. That traffic is directed at Microsoft, not your on-premises Active Directory Federated Services (AD FS). When authentication happens via on-premises AD FS your server is responsible for managing the load and potentially causing downtime.<\/p>\n<p>Moving an organization\u2019s identity management provider to Azure AD and utilizing Password Hash Sync allows for both an increase in overall security posture and reduced management overhead. The security benefits, including leaked credentials, IP lockout, and Smart Lockout, all utilize Microsoft\u2019s telemetry that gives organizations the power of Microsoft\u2019s intelligence.<\/p>\n<p><strong>NOTE<\/strong>: If PHS is the secondary authentication method and, if you choose to take advantage of Smart Lockout and IP Lockout, the primary authentication method must support these functionalities. PHS is recommended as secondary in a hybrid environment if Federated or Pass-through Authentication is primary as a redundancy mechanism, as well as the ability to collect information for Leaked Credentials.<\/p>\n<h3>Learn more<\/h3>\n<p>To learn more about DART, our engagements, and how they are delivered by experienced cybersecurity professionals who devote 100 percent of their time to providing cybersecurity solutions to customers worldwide, please contact your account executive.\u00a0Also,\u00a0bookmark the\u202f<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security blog<\/a> to keep up with our expert coverage on security matters and follow us at\u202f<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener noreferrer\">@MSFTSecurity<\/a> for the latest news and updates on cybersecurity. Read <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/03\/25\/dart-the-microsoft-cybersecurity-team-we-hope-you-never-meet\/\" target=\"_blank\" rel=\"noopener noreferrer\">DART: the Microsoft cybersecurity team we hope you never meet<\/a> for more about the DART team.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We debunk the myths about Password Hash Sync (PHS) so you can gain security benefits by using the full capabilities of this service.<\/p>\n","protected":false},"author":96,"featured_media":89486,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3662],"topic":[3673,3675],"products":[3702,3703],"threat-intelligence":[],"tags":[3753,3823],"coauthors":[2107,2108,2109],"class_list":["post-89480","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","content-type-news","topic-identity-and-access-management","topic-information-protection-and-governance","products-microsoft-entra","products-microsoft-entra-id","tag-cybersecurity-policy","tag-password-protection"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Demystifying Password Hash Sync<\/title>\n<meta name=\"description\" content=\"We debunk the myths about Password Hash Sync (PHS) so you can gain security benefits by using the full capabilities of this service.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Demystifying Password Hash Sync\" \/>\n<meta property=\"og:description\" content=\"We debunk the myths about Password Hash Sync (PHS) so you can gain security benefits by using the full capabilities of this service.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-05-30T16:00:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-16T06:00:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-full-size-1024x682.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"682\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Holly Lockhart, Drew Nicholas, Sarah Roberts\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-full-size.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Holly Lockhart, Drew Nicholas, Sarah Roberts\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/holly-lockhart\/\",\"@type\":\"Person\",\"@name\":\"Holly Lockhart\"},{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/drew-nicholas\/\",\"@type\":\"Person\",\"@name\":\"Drew Nicholas\"},{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/sarah-roberts\/\",\"@type\":\"Person\",\"@name\":\"Sarah Roberts\"}],\"headline\":\"Demystifying Password Hash Sync\",\"datePublished\":\"2019-05-30T16:00:42+00:00\",\"dateModified\":\"2023-05-16T06:00:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/\"},\"wordCount\":749,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-card.jpg\",\"keywords\":[\"Cybersecurity policy\",\"Password protection\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/\",\"name\":\"Demystifying Password Hash Sync\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-card.jpg\",\"datePublished\":\"2019-05-30T16:00:42+00:00\",\"dateModified\":\"2023-05-16T06:00:28+00:00\",\"description\":\"We debunk the myths about Password Hash Sync (PHS) so you can gain security benefits by using the full capabilities of this service.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-card.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-card.jpg\",\"width\":440,\"height\":268,\"caption\":\"A man working at a PC workstation.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Demystifying Password Hash Sync\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Demystifying Password Hash Sync","description":"We debunk the myths about Password Hash Sync (PHS) so you can gain security benefits by using the full capabilities of this service.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/","og_locale":"en_US","og_type":"article","og_title":"Demystifying Password Hash Sync","og_description":"We debunk the myths about Password Hash Sync (PHS) so you can gain security benefits by using the full capabilities of this service.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/","og_site_name":"Microsoft Security Blog","article_published_time":"2019-05-30T16:00:42+00:00","article_modified_time":"2023-05-16T06:00:28+00:00","og_image":[{"width":1024,"height":682,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-full-size-1024x682.jpg","type":"image\/jpeg"}],"author":"Holly Lockhart, Drew Nicholas, Sarah Roberts","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-full-size.jpg","twitter_misc":{"Written by":"Holly Lockhart, Drew Nicholas, Sarah Roberts","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/holly-lockhart\/","@type":"Person","@name":"Holly Lockhart"},{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/drew-nicholas\/","@type":"Person","@name":"Drew Nicholas"},{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/sarah-roberts\/","@type":"Person","@name":"Sarah Roberts"}],"headline":"Demystifying Password Hash Sync","datePublished":"2019-05-30T16:00:42+00:00","dateModified":"2023-05-16T06:00:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/"},"wordCount":749,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-card.jpg","keywords":["Cybersecurity policy","Password protection"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/","name":"Demystifying Password Hash Sync","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-card.jpg","datePublished":"2019-05-30T16:00:42+00:00","dateModified":"2023-05-16T06:00:28+00:00","description":"We debunk the myths about Password Hash Sync (PHS) so you can gain security benefits by using the full capabilities of this service.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-card.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/05\/DART-Password-Hash-Sync-card.jpg","width":440,"height":268,"caption":"A man working at a PC workstation."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/30\/demystifying-password-hash-sync\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Demystifying Password Hash Sync"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/89480"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=89480"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/89480\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/89486"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=89480"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=89480"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=89480"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=89480"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=89480"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=89480"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=89480"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}