Hotmail Strives to Eliminate 'Password' Passwords

Hotmail Strives to Eliminate 'Password' Passwords

By any measure, end users are still using passwords that are far too simple. The Gawker Media hack from 2010, in fact, showed "123456" was the most common password in Gawker's database. Well, Microsoft's decided that if folks aren't going to pick strong passwords, at the very least Microsoft can keep them from picking the most egregious, easy passwords to hack.

Microsoft's Hotmail service will now prevent new customers from selecting passwords that are too easy to guess, such as "password" or the aforementioned "123456." Those sorts of passwords, besides being easy to guess, are particularly vulnerable to brute force or “dictionary” attacks.

In addition to preventing users from choosing a weak password when signing up for a new account, the changes will also prevent already existing users from doing the same when changing their passwords. Sometime in the future, the system may proactively force users to change their passwords, as well. The changes will be rolling out "soon."

Microsoft has, for a long time, had a password checker. Users can enter their password into it and the system will judge if it is strong enough.


What is interesting is that as hackers have become more sophisticated, what used to be a strong password is no longer so. Microsoft says a strong password should contain at least 14 characters, for one, which isn't exactly easy to remember without a program such as LastPass or Roboform.

Hotmail is adding another feature, as well. How often have you seen what appears to be a spam or phishing email come from one of your contacts? That usually means that your friend has had a virus infect their system, or else their account has been hacked because of a (ahem) too easy password. And naturally, it's that person's friends that usually spot the problem first, when they get such compromised email.

The new Hotmail feature allows users to report such an email directly to Hotmail. Microsoft is adding a "My friend's been hacked" option on the Hotmail drop-down "Mark As" menu. Once you report the email, "Hotmail takes that report and combines it with the other information from the compromise detection engine to determine if the account in question has in fact been hijacked."

In addition, Microsoft will share any such data with Yahoo or Google, so even if the email came from Gmail or Yahoo! mail, you'll still be helping out your friend.

These are nice features, but they are still not going to get us to move from Gmail. Gmail has the best spam detection we've ever seen, and there's that Google+ service you might have heard of.
+1
+ -

Regarding the passwords.. Finally! Some sites already have a strength system and force you to choose something from moderate to strong. Hotmail should have implemented this years ago.

The "My friend's Been hacked" is another great feature, however, I haven't used hotmail in a very long time and, you're right, this won't bring me back.

0
+ -

Is this a typo, or does it simply negate the headline?

"Microsoft's Hotmail service will not prevent new customers from selecting passwords that are too easy to guess,..."

0
+ -

"Yeah its a Typo, he meant "Wiil Now". Anyhow, its a great measure along with "My friend's Been hacked" .@ ManDuh, I still have an active Live account for Live Messenger even though the new interface sucks but I have lots of active contacts there.'

-Optimus

0
+ -

I still have an active acct for Windows Live as well but I think I only sign in on average once or twice a month lol. I have 130 contacts or so and only see about 3 at the most online at a time. I think with all the acct hijacking people are straying away from them.

0
+ -

Manduh:
. I think with all the acct hijacking people are straying away from them.

"Totally true, I cant believe people fell for that "See Who Erased You' scheme . oh well, at least I can report a "My friend's Been hacked" and have those accounts stop spamming me. Oh, and I happen to have almost 600 contacts, but about 80 or so are still active. Funny thing is that I have 3850 unread messages . I dont like Hotmail's inteface and it too slow, so I just stick with Gmail."

-Optimus


0
+ -

Wowsers that's crazy haha.

0
+ -

Manduh:
Wowsers that's crazy haha.

Hotmail is crazy. I dumped them many years ago because it was like being slowly pecked to death by Chickens.

 

0
+ -

Ughh, corrected :)

0
+ -

A step in the right direction for Microsoft. I would assume they will be implementing this on the rest of their sites as well. Love the "my freinds been hacked" feature and find it interesting that they will be communicating with Yahoo and Gmail. Do you think that Yahoo and Gmail will be implementing a similar feature in the near future.

Login or Register to Comment
Post a Comment
Username:   Password: