Several well‑known security and privacy developers say Microsoft abruptly terminated their developer accounts, cutting off access to essential publishing and verification tools.
The affected projects include VeraCrypt, WireGuard, and Windscribe — names that Windows users rely on for encryption, networking, and privacy. Microsoft has acknowledged the actions but has not fully explained why these trusted developers were swept up in its enforcement process. The situation highlights ongoing tension between automated security controls and the realities of open‑source development. It also raises questions about how Microsoft plans to prevent similar disruptions in the future.
As a result of Microsoft's actions, users were susceptible to potential malicious attacks. WireGuard creator Jason Donenfeld explained to PCMag, "I cannot sign drivers, which means I cannot ship updates for WireGuard for Windows."
"Just Microsoft things...," said VeraCrypt's Mounir Idrassi on X, describing how he'd attempted to contact Microsoft through various channels, but his efforts had no real results, only automated replies and bot responses. "I was unable to reach a human," he added.
WindScribe was in the same situation, indicating that their Microsoft developer account was also suspended. "We've been trying to resolve this for over a month, and getting nowhere. Support is non-existent," Windscribe added. "Anyone know a human with a brain that still works at Microsoft and can help?"
But thanks to the social backlash — and, surprisingly, Epic Games CEO and founder Tim Sweeney — the issue was flagged to Microsoft's EVP for Windows and Devices, Pavan Davuluri, who said the company was working to resolve the issue. Davuluri claimed that Microsoft had also reached out VeraCrypt and WireGuard, promising to have their suspended accounts reinstated.
Ultimately, it appears Microsoft didn’t intentionally block any partner accounts. Instead, the company introduced mandatory account verification in the Windows Hardware Program for those who hadn’t completed the process since April 2024. The requirement took effect on October 16, 2025, giving partners 30 days to verify their identity with a government-issued ID, as Davuluri pointed out.
We worked hard to make sure partners understood this was coming, from emails, banners, reminders. And we know that sometimes things still get missed. We're taking this as an opportunity to review how we communicate changes like this and make sure we're doing it better.
Microsoft EVP for WIndows + Devices, Pavan Davuluri
Scott Hanselman, VP and member of technical staff at Microsoft, addressed the issue on X, indicating that, "Hey, I love dumping on my company as much as the next guy, because Microsoft does some dumb stuff, but sometimes it's just check emails and verify your accounts."
Hey I love dumping on my company as much as the next guy, because Microsoft does some dumb stuff, but sometimes it's just check emails and verify your accounts. Not every "WTF micro$oft" moment is a slam dunk. I've emailed VeraCrypt personally and we'll get him unblocked. I've… https://t.co/eLiJ3WQ42RApril 8, 2026
"Not every 'WTF micro$oft' moment is a slam dunk," Hanselman added. He indicated that not everything is a conspiracy, and sometimes it could be literally paperwork. Either way, Microsoft should've already resolved the suspended developer accounts by now, or it'll be close to resolved.
Should Microsoft change how it verifies and enforces rules for open‑source developers? Share your thoughts in the comments.
Join us on Reddit at r/WindowsCentral to share your insights and discuss our latest news, reviews, and more.
