Mobile // Mobile Applications
News
7/19/2011
11:32 AM
50%
50%

Hotmail Bans Guessable Passwords, Like 'Password'

12345 won't cut it anymore, either. Microsoft Hotmail users must get more creative--and secure.

Gmail Add-On Boosts Support Features
Slideshow: Gmail Add-On Boosts Support Features
(click image for larger view and for slideshow)
Hotmail users will soon no longer be able to employ lazily constructed passwords like "12345," "password," or common phrases like "ilovecats" to secure their accounts against hackers, identity thieves, or jealous exes.

Microsoft plans to institute new password rules and other security features for the email system, used by roughly 500 million individuals, which will require users to put more thought into their efforts to thwart cyber-intruders.

The company in the coming weeks will introduce new password rules that will prohibit Hotmail users from employing passwords that Microsoft believes are vulnerable to so-called dictionary attacks. Dictionary attacks are efforts by hackers to simply guess a password based on commonly used names, numbers, and personally identifiable information.

Hotmail users whose existing passwords are deemed vulnerable may be asked to create new ones, as well.

"This new feature will be rolling out soon, and will prevent you from choosing a very common password when you sign up for an account or when you change your password," said Hotmail group program manager Dick Craddock, in a blog post. "If you're already using a common password, you may, at some point in the future, be asked to change it to a stronger password."

Microsoft is taking other steps to secure Hotmail accounts, thousands of which fell victim to a massive phishing scam in late 2009. Another new feature will make it easier for users to send an alert if they suspect a friend or colleague's account has been hacked.

"Maybe you've had this happen to you: You sign in to Hotmail, and you see you've got some new mail from one of your friends. You open the message only to discover it's spam!" wrote Craddock in a blog post. "Whatever the case, one thing is for sure: this email isn't really from your friend at all."

To report the abuse, users will soon see a new item under the messages' "Mark as" menu labeled "My friend's been hacked!" Tagging a message with that label will alert Microsoft to the problem, Craddock said. "When you help out in this way, it makes a big difference."

The bottom line: Thousands of Hotmail users will no longer be able to use "password" as their password.

InformationWeek Analytics is conducting a survey on mobile device management and security. Respond to the survey and be eligible to win an iPod Touch. Take the survey now. Survey ends July 22.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.