Hotmail: Microsoft bans the use of vulnerable passwords

by Steven Mostyn - Jul 18 2011, 10:47

With online hacks and high-profile data breaches grabbing plenty of headlines as of late, American software titan Microsoft has moved to enforce a little more security amongst users of its Hotmail platform.

More pointedly, the Redmond-based software specialist is to begin informing Hotmail users that they will no longer be able to select easily hackable passwords such as ‘123456’ or ‘password’ when setting up their accounts.

“We will now prevent our customers from using one of several common passwords to prevent email accounts being hijacked,” outlined Hotmail group program manager Dick Craddock via the official Microsoft blog.

“Having a common password makes your account vulnerable to brute force ‘dictionary’ attacks, in which a malicious person tries to hijack your account by guessing passwords (using a short list of very common passwords),” he added.

“Of course, Hotmail has built-in defenses against standard dictionary attacks, but when someone can guess your password in just a few tries, it hardly constitutes ‘brute force.’”

According to Microsoft, its stricter password selection policy, which was announced on Thursday of last week, won’t just cover new users.

Indeed, existing users who’ve already opted for a potentially vulnerable password are also likely to be told to change it for something more robust.

Around the Web