Microsoft announced yesterday to the press that they are tightening up their security system for Hotmail users.
This update is coming in two stages, with the second phase – to ban common passwords rolling out in the near future.
It would seem to be common sense not to have a password of ‘123456’ or ‘password’, but recent search highlighted that many people use very insecure passwords to protect not only email, but even personal banking accounts. If you have no idea what a weak password is, then click that link.
How to protect your accounts? Use a complex password, including non alphanumeric characters. They may be hard to remember, but the chances of ending up with a compromised account will be much lower.
Dick Craddock, group program manager for Hotmail wrote in a blog post “When you report that your friend’s account has been compromised, Hotmail takes that report and combines it with the other information from the compromise detection engine to determine if the account in question has in fact been hijacked. It turns out that the report that comes from you can be one of the strongest ‘signals’ to the detection engine, since you may be the first to notice the compromise. So, when you help out this way, it makes a big difference!”
When an account is marked as compromised, it is turned off and then has to be reenabled through a fairly complex procedure. Microsoft send notices to other email providers, including Gmail, so they can be notified.
Craddock added “We’ve had this feature turned on for only a few weeks, and we’ve already identified thousands of customers who have had their accounts hacked and helped those customers reclaim their accounts.”
This new feature will be rolling out soon, and will prevent you from choosing a very common password when you sign up for an account or when you change your password. If you’re already using a common password, you may, at some point in the future, be asked to change it to a stronger password.”
Kitguru says: Microsoft forcing users to protect themselves. Whatever next.