Microsoft banning weak Hotmail passwords


Microsoft has sought to make brute force attacks on email accounts a thing of the past by banning weak passwords.

The Redmond giant said it wants to stop users placing themselves at risk by using passwords like "password," "123456," "ilovecats" or "gogiants."

"This new feature will be rolling out soon, and will prevent you from choosing a very common password when you sign up for an account or when you change your password," said Dick Craddock, group programme manager at Hotmail, in a blog post.

"If you're already using a common password, you may, at some point in the future, be asked to change it to a stronger password."

Microsoft has also created a new feature which allows Hotmail users to report hacked accounts.

"It's easy: when you get that spam message supposedly from your friend, you just click My friend's been hacked!' on the Mark as' menu," Craddock said.

"You can also report an account as compromised when you mark a message as junk or otherwise move a message to the Junk folder."

A good week?

The Hotmail announcements round off a positive week for Microsoft in terms of security.

The company saw its Internet Explorer 9 rated as the best browser for blocking socially engineered malware.

In NSS Labs tests, IE9 managed to block 92 per cent of that particular type of threat, compared to 90 per cent for IE8. Safari, Chrome 10 and Firefox 4 all got just 13 per cent.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.