15 Jul 2011

New Hotmail features to improve security

In an effort to bolster internet security, Microsoft has announced two new Hotmail features. Users will now be able to report when they receive a spam message, and Hotmail will no longer allow users to choose dangerously common passwords.

A few weeks ago, Microsoft began the test phase for a button that easily lets users report spam messages they receive from their friends. Under the "Mark as" drop-down menu in Hotmail, Microsoft added "My friend's been hacked!" to other options for marking messages, such as "Flagged," "Read" and "Phishing scam." According to Microsoft, this feature has already generated thousands of hack reports.

Once Microsoft receives a report of a hacked account sending out spam, the affected user is prompted to go through an account recovery flow to secure the account before accessing it again.

Because email accounts protected by very common passwords are vulnerable to dictionary attacks, in which hackers essentially just guess at passwords, Microsoft is invalidating certain risky options like "123456" and "password." New users will not be able to choose these passwords, and current users will not be able to switch to them.

Recent research undertaken by computer security firms showed the worldwide incidence of spam being received by businesses decreased after three botnets were disrupted last year.