Hotmail bans common passwords and introduces hacking alert system

By Tom Warren, on 14th Jul 11 4:34 pm with 30 Comments

Microsoft announced two new key Hotmail security features on Thursday.

The software giant is introducing a “My friend’s been hacked!” feature alongside banning commonly used and weak passwords. The hacking alert system will allow users to simply report accounts that have been compromised. “When someone’s account gets hijacked, their friends often find out before they do, because the hijacker uses their account to send spam or phishing email to all their contacts,” explains Microsoft’s Dick Craddock. The Hotmail team has built a specific feature to combat this. The “mark as” menu in Hotmail now contains “My friend’s been hacked!”. Hotmail users can also report hacked accounts via the junk mail filing screen.

The feature will send an alert to Microsoft, which is automatically fed into the company’s detection system. “When you report that your friend’s account has been compromised, Hotmail takes that report and combines it with the other information from the compromise detection engine to determine if the account in question has in fact been hijacked,” says Craddock. Microsoft will then make sure the account can no longer be used by spammers and activate an account recovery process to allow the owner to take back control of the account. Microsoft enabled the feature a few weeks ago. “We got thousands of reports of compromised accounts,” Craddock says. Microsoft’s system will also allow Yahoo! and Gmail accounts to receive compromise reports from Hotmail. “Those providers will now be able to use the reports in their own systems to recover hacked accounts,” revealed Craddock. “We’ve had this feature turned on for only a few weeks, and we’ve already identified thousands of customers who have had their accounts hacked and helped those customers reclaim their accounts.”

Microsoft will also roll out a feature to prevent users from choosing a common password. Common passwords include password, 123456, ilovecats and gogiants. “This new feature will be rolling out soon, and will prevent you from choosing a very common password when you sign up for an account or when you change your password,” says Craddock. Hotmail users who currently use a weak and common password may be prompted to change it in the future.
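The two enforcement points described above (rejecting a common password at sign-up or change, and prompting existing users later) can be sketched as follows. This is an added example, not Microsoft's code or part of the original article; `AccountStore`, its method names, the PBKDF2 parameters and the normalization rule are assumptions, and the denylist is constructed from the four passwords the article names.

```python
import hashlib
import hmac
import os
import unicodedata

# Constructed denylist: only the four examples the article names.
COMMON_PASSWORDS = {"password", "123456", "ilovecats", "gogiants"}

def is_common(pw: str) -> bool:
    # Assumption: case and Unicode-width variants count as the same password.
    return unicodedata.normalize("NFKC", pw).casefold() in COMMON_PASSWORDS

def _kdf(pw: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pw.encode("utf-8"), salt, 200_000)

class AccountStore:
    """Hypothetical in-memory account store (illustration only)."""

    def __init__(self):
        self._accounts = {}

    def set_password(self, user: str, pw: str, enforce: bool = True) -> bool:
        # Sign-up / change: the plaintext is available, so reject common choices.
        # enforce=False models an account created before the rule existed.
        if enforce and is_common(pw):
            return False
        salt = os.urandom(16)
        self._accounts[user] = {"salt": salt, "hash": _kdf(pw, salt),
                                "must_change": False}
        return True

    def sign_in(self, user: str, pw: str) -> str:
        acct = self._accounts.get(user)
        # Hash even for unknown users so both paths do the same work.
        salt = acct["salt"] if acct else b"\x00" * 16
        candidate = _kdf(pw, salt)
        if acct is None or not hmac.compare_digest(acct["hash"], candidate):
            return "denied"
        # Only salted hashes are stored, so a successful sign-in, when the
        # plaintext is present, is the cheapest place to spot a weak password.
        if is_common(pw):
            acct["must_change"] = True
            return "ok_change_required"
        return "ok"

    def must_change(self, user: str) -> bool:
        return self._accounts[user]["must_change"]
```
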

  • Grannyville7989

    I’ll be interested to see if my sister uses a weak password.

  • http://twitter.com/efjay01 Ef Jay

    Funny how MS seems to play nice with its competitors but they don’t reciprocate.

    • J A

      That is how bad competitors are and why Microsoft will continue to get better. Still yet, they want to paint Microsoft bad in the eyes of the world when they are the ones playing dirty and even blocking services such as Google blocking Windows Phone from accessing YouTube. They are all kids/rookies in this game anyway that is why they get hacked.

    • Test1ngi23

      LOL. Funniest thing I’ve read all day! Is today April 1st or something?

    • Mr.03

      The truth is funny right?

    • http://profiles.google.com/fromparistonewyork Aurélien Ramondou

      @Test1ngi23: he’s totally right, Google also blocked the advanced search features of the Google website a few months ago. Currently you can’t search for the “Latest” stuff in Google anymore from a Windows phone. Crazy, right?

    • WinMobey

      My HTC Surround searches YouTube just fine.  Maybe because I’m using the HTC YouTube app, not the MS one? 

      I’d be more concerned Google+ will become an Android-only market, effectively cutting out WinPhone8’s relevance before it even launches.

    • Guest

      Every day is April 1st when it comes to your comments.

  • SomeoneinWA

    I really, really like this new approach Microsoft is taking with its online services like Hotmail. Rolling out improvements/new features on a regular basis is far superior to rolling up lots of improvements in an annual “wave.” This approach means features that are complete can roll out when ready and don’t need to wait until some arbitrary publication date, and it means the particular service gets news coverage on a regular basis which creates buzz and mindshare. Once Mango helps WP become more feature complete, I hope Microsoft will switch to this approach to the WPOS for improvements and new features as well.

    • Mark

      I think you’re seeing updates only annually in many cases because that’s all MS’s bureaucratic process is capable of. I don’t know that they’re holding things back intentionally.

  • GP007

    I like this nice steady flow of updates to hotmail and other MS services, good stuff all around. 

  • rojo

    Love what hotmail is doing these days. I’ll go back once they update their interface.

    • Syrious

      When was the last time you logged in? It’s more reminiscent of the Outlook webapp now.

  • http://twitter.com/abhi1manyu Abhimanyu Jamwal

    how awesome…and today only my hotmail a/c has been blocked and I don’t know why. The a/c page says someone tried multiple times to access my a/c and sent spams and junk mails. Now I cannot use windows marketplace or live messenger on desktop and on mango beta. Worse, I filled up the details and nothing as of yet :(

    • Mr.03

      I’m afraid that your account was hijacked without you knowing

  • Anonymous

    This has been a major Hotmail problem for some time now.. good to see it sorted out somehow

  • Mestiphal

    a while back my hotmail account got hacked, they didn’t change the password on the hotmail account, but did change the password on my WoW account.

    never figured out how they stole my hotmail password, thankfully I was able to still log into the account and change its password. Then had to retrieve the WoW account and got an authenticator.

  • ConspirataX

    I love Hotmail… been using it since 1998… but recently it let me down blocking an attachment. I understand why they do this… but they should add an option like autogenerating codes (like captcha) or an advanced option to let users download the attachment because is not always we can ask for the person to resend the mail with an different extension…

    But still a very nice feature they’re adding.

  • jinge

    You are talking about a new interface, but may I get a screenshot to see what it looks like please? I still have the same as 2 years ago… Which takes a few hundred MB after too much utilization.

    Anyway, I have the “my friend is stupid and gave its password to a whoblockedme website” button for more than few months now!

  • Mark

    Does this mean I can’t use “password” anymore? ;-)

  • Anonymous

    Great netiquette. I agree with banning common passwords. All passwords should be strong.

  • Renzo

    Step your game up and you might pry me away from Gmail.

    Not there yet.

  • Anonymous

    Once I was ready to go fully with Hotmail… Came this last Google’s overhaul and kept me back.

    Even if you use some MS Services, you still will use some Google Services as well. So, you stay at Google and gg at the moment.

    Also, they must make Hotmail faster with better responsiveness and easier/cleaner UI. I’d really like to give the new clean, pretty colorful, squared UI which MS gives on its sites.

  • spookie

    Typical Microsoft.  Mixing up security features with taking control out of the hands of users.  WTF makes them think they have the right to decide what password I use?  THIS is why I don’t use MS products that my work doesn’t require me to.  At all.  Ever.

    • Guest

      don’t go crying at MS when you get hacked.

  • Anonymous

    I really appreciate Hotmail for introducing hacking alert system but one should decide what password they want to keep and not Hotmail. Let’s hope that things get better in future.
    Thanks for the sharing.

    • Guest

      don’t go crying at MS when you get hacked.