Hotmail bans commonly used passwords, introduces 'My friend's been hacked!' feature

Published Date: 19 - Jul - 2011 | Last Updated: 19 - Jul - 2011
 

In an endeavour to keep users' email accounts safe from hacking, Hotmail is now banning commonly used passwords such as “password”, “123456”, “ilovecats” and “gogiants”. When users sign up for the email service, Hotmail will notify them about such passwords.

“This new feature will be rolling out soon, and will prevent you from choosing a very common password when you sign up for an account or when you change your password. If you're already using a common password, you may, at some point in the future, be asked to change it to a stronger password,” says Dick Craddock, Group Program Manager at Hotmail.

“Of course, having a strong password is just one step to protecting your account. You should also provide “proofs,” including an alternate email address, a question and secret answer, and even a mobile number where we can reach you via text message. You can learn more about how to set up account proofs, or go ahead and set up your account proofs now,” he adds.

Hotmail also highlights the fact that common passwords put users' accounts at risk and make them vulnerable to dictionary attacks. Hotmail subscribers already using any of the banned passwords will soon be notified to choose a stronger, harder-to-guess password.
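A check of the kind described above can be sketched as follows. This is an added example, not Hotmail's implementation: the list contents beyond the four passwords named in the article, the normalization rules, and all function names are assumptions made for illustration.

```python
import unicodedata

# Constructed sample list: the four passwords the article names plus two other
# well-known weak choices. A real service would load a far larger list.
COMMON_PASSWORDS = frozenset(
    {"password", "123456", "ilovecats", "gogiants", "qwerty", "letmein"}
)

# Character substitutions undone before lookup (an assumption of this example).
SUBSTITUTIONS = str.maketrans(
    {"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"}
)
# Digits and symbols commonly appended to pad a weak password.
TRAILING_PADDING = "0123456789!@#$%.?*"


def candidate_forms(password: str) -> set[str]:
    """Return the normalized variants of a password to look up in the list."""
    # NFKC folds look-alike encodings (e.g. fullwidth letters) to plain ones;
    # casefold() makes the comparison case-insensitive.
    base = unicodedata.normalize("NFKC", password).casefold().strip()
    forms = {base, base.rstrip(TRAILING_PADDING)}
    forms |= {form.translate(SUBSTITUTIONS) for form in forms}
    forms.discard("")
    return forms


def is_common(password: str) -> bool:
    """True if any normalized variant appears in the common-password list."""
    return not candidate_forms(password).isdisjoint(COMMON_PASSWORDS)


def validate_new_password(password: str) -> tuple[bool, str]:
    """Gate applied at both sign-up and password change."""
    if is_common(password):
        return False, "This password is too common. Choose one that is harder to guess."
    return True, "ok"


if __name__ == "__main__":
    for sample in ["password", "P@ssw0rd1", "GoGiants!", "correct horse battery staple"]:
        print(f"{sample!r}: {validate_new_password(sample)}")
```

Normalizing before the lookup matters because a plain string comparison would accept trivially decorated variants of a listed password, which dictionary attacks typically try as well.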

“My friend's been hacked!”

Hotmail has introduced a new feature to its email service called “My friend's been hacked”. The feature lets users report to Hotmail any email account they believe has been hacked, by marking a message with a 'My friend's been hacked' label.

Hotmail subscribers can also report a compromised account when they mark a message as junk or otherwise move a message to the Junk folder:

“When you report that your friend’s account has been compromised, Hotmail takes that report and combines it with the other information from the compromise detection engine to determine if the account in question has in fact been hijacked,” says Dick Craddock.

“It turns out that the report that comes from you can be one of the strongest “signals” to the detection engine, since you may be the first to notice the compromise. So, when you help out this way, it makes a big difference!”

The notable aspect of the new feature is that it works for any email account. Elaborating on this, Craddock says, “Even if you’re a Hotmail user, you probably get email from friends using other email providers, and those accounts can get compromised, too.”

“We did the work to enable other email providers like Yahoo and Gmail to receive these compromise reports from Hotmail including those submitted by you, and those providers will now be able to use the reports in their own systems to recover hacked accounts.”

Hotmail's fresh attempt to ward off hacking is certainly a welcome move. Other leading email service providers like Gmail and Yahoo will now also be prompted to come up with similar features. Hacking is now very common, and many have fallen prey to it. However, do you think banning commonly used passwords will make any difference? Let us know what you think in the comment section below.
