Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Microsoft's Hotmail Challenge Backfires

  1. #1
    Join Date
    Apr 2003
    Posts
    13,269
    Rep Power
    34

    Default Microsoft's Hotmail Challenge Backfires

    Barence writes "Microsoft challenged the editor of PC Pro to return to Hotmail after six years of using Gmail, to prove that its webmail service had vastly improved — but the challenge backfired when he had his Hotmail account hacked. PC Pro's editor say he was quietly impressed with a number of new Hotmail features, including SkyDrive integration and mailbox clean-up features. He'd even imported his Gmail and contacts into Microsoft's service. But the two-week experiment came to an abrupt end when Hotmail sent a message containing a malicious link to all of his contacts. 'What's even more worrying is that it's not only my webmail that's been compromised, but my Xbox login (which holds my credit card details) and now my PC login too. Because Windows 8 practically forces you to login with your Windows Live/Hotmail details to access features such as the Metro Store, synchronization and SkyDrive,' he writes."
    Source: http://idle.slashdot.org/story/12/04...enge-backfires

    The blog of the PC Pro guy who got his hotmail hacked: http://www.pcpro.co.uk/blogs/2012/04...us-conclusion/


    I have always gotten spam email with links to websites from hotmail accounts, just like what happened to this editor.
    Is it because they had weak passwords?
    Was it some form of a keylogger?
    Or is hotmail not doing enough to protect their users?

    Hotmail has done a lot over the past year adding new features and boosting their security and spam tools for their users.
    But I will never go back to using a hotmail account.

    Worst that they are forcing Windows 8 to use their windows live account as their user login.

    Reading through the comments on the pcpro site, one user pointed to a website on password security. https://www.grc.com/haystack.htm
    Basically, the longer the password, the harder it is to crack. Read it and add to your knowledge of creating secure passwords.
    "The best software is the one that fits your needs." - A_A

    Virus free since: date unknown
    Anti-virus free since: August 2008

  2. #2
    Join Date
    Nov 2004
    Posts
    5,192
    Rep Power
    25

    Default

    Personally I use Roboform. You can either buy it once or pay per year - the per year option allows you to install anywhere on any device (pc/laptop/thumb drive/mobile) and synchronizes your account details across the devices you have it installed. You can use it to generate passwords so you don't have to think them up and it's all stored in an encrypted file per login (one issue I have with it instead of a single database file). The second issue I have with it is that there's no support for countries outside of the US for form filling - so if you live in Jamaica then it will fill in your details but then you have to manually select Jamaica from the dropdown list. They say that the method used keyloggers won't be able to grab the passwords or data from the filling process - never tested fully but it's been around for years. Worth a shot if you ask me. I have the per year service which costs about USD$20 per year.
    Knowing the solution doesn't mean knowing the method. Yet answering correctly and regurgitation are considered "learning" and "knowledge".

  3. #3
    Join Date
    Apr 2003
    Posts
    13,269
    Rep Power
    34

    Default

    Quote Originally Posted by khat17 View Post
    Personally I use Roboform.
    You spend tons of money on software, don't you? You're like the direct opposite of a software pirate that spends zilch.

    I prefer free, open-source software personally, if available. So SuperGenPass works for me.
    http://supergenpass.com/
    "The best software is the one that fits your needs." - A_A

    Virus free since: date unknown
    Anti-virus free since: August 2008

  4. #4
    Join Date
    Nov 2002
    Posts
    2,231
    Rep Power
    0

    Default

    Strangely enough I use hotmail (albeit as a secondary email account), and have been using hotmail since... I think its inception (around 97 I think), and I've never gotten hacked before... For the longest while my password was even one which could be easily guessed.

    I kind of like the hotmail experience as of about a year or 2 now, albeit I prefer gmail dont think I'll ever go back to having hotmail as my primary account. But as long as i've had hotmail its never been hacked before. Maybe I'm just lucky tho, or maybe its just becuz I'm not a likely target. *shrug*
    Laptop: HP DV6700t - Core 2 Duo T9300 2.5Ghz, 3GB RAM, Nvidia 8400m GS, 250GB HDD. Ubuntu 12.04 and Windows 7
    Phone: Samsung Galaxy Nexus

  5. #5
    Join Date
    Nov 2002
    Posts
    2,231
    Rep Power
    0

    Default

    Quote Originally Posted by Arch_Angel View Post
    Reading through the comments on the pcpro site, one user pointed to a website on password security. https://www.grc.com/haystack.htm
    Basically, the longer the password, the harder it is to crack. Read it and add to your knowledge of creating secure passwords.
    After using the website I'm properly proud of my password lol.

    It says Online Attack Scenario (1 thousand guesses a second): 1.74 Hundred Billion Centuries.
    Offline Fast Attack (1 hundred billion guesses a second): 1.74 Thousand Centuries
    Massive Cracking Array (1 hundred trillion guesses a second): 1.74 centuries.

    I could give my email accounts to my next of kin and they could use it and we'd both probably die before somebody successfully guessed my password
    Laptop: HP DV6700t - Core 2 Duo T9300 2.5Ghz, 3GB RAM, Nvidia 8400m GS, 250GB HDD. Ubuntu 12.04 and Windows 7
    Phone: Samsung Galaxy Nexus

  6. #6
    Join Date
    Feb 2008
    Posts
    725
    Rep Power
    17

    Default

    Quote Originally Posted by Skillachi View Post
    After using the website I'm properly proud of my password lol.

    It says Online Attack Scenario (1 thousand guesses a second): 1.74 Hundred Billion Centuries.
    Offline Fast Attack (1 hundred billion guesses a second): 1.74 Thousand Centuries
    Massive Cracking Array (1 hundred trillion guesses a second): 1.74 centuries.

    I could give my email accounts to my next of kin and they could use it and we'd both probably die before somebody successfully guessed my password
    Ditto my friend
    Online Attack Scenario : 1.74 Hundred Billion Centuries.
    Offline Fast Attack: 1.74 Thousand Centuries
    Massive Cracking Array: 1.74 centuries.

    besides i hardly use my hotmail account, all my mails forward to gmail and then gmail forward's my emails to yahoo
    my hotmail account and gmail passwords are generated
    Last edited by Dre'; Apr 26, 2012 at 08:26 AM.

  7. #7
    Join Date
    Apr 2003
    Posts
    13,269
    Rep Power
    34

    Default

    Quote Originally Posted by Skillachi View Post
    I could give my email accounts to my next of kin and they could use it and we'd both probably die before somebody successfully guessed my password
    lol don't let the centries fool you too much. It can be cut in half if the hacker throws more computing power at it. And cut down to mere days if he has a fleet of zombie computers working to crack the password.

    But it's a good password you got tho.
    "The best software is the one that fits your needs." - A_A

    Virus free since: date unknown
    Anti-virus free since: August 2008

  8. #8
    jomo Guest

    Default

    lol, sounds like you already know it

    anyway im locked out of my hotmail account with no way to retrieve my password, but i still get emails on my bb, no one here can help me it seems, lol, so much for techies

  9. #9
    Join Date
    Jul 2002
    Posts
    1,395
    Rep Power
    0

    Default

    Quote Originally Posted by jomo View Post
    lol, sounds like you already know it

    anyway im locked out of my hotmail account with no way to retrieve my password, but i still get emails on my bb, no one here can help me it seems, lol, so much for techies
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


    Anyway, I don't like Live because they don't allow me to use passphrases. I would use a password like "the 3rd is a turd" or "Kayak is kayak". That's how my passwords are on other services; why doesn't Live allow passphrases?
    Last edited by carey; Apr 26, 2012 at 03:02 PM.

  10. #10
    Join Date
    Feb 2007
    Posts
    6,512
    Rep Power
    0

    Default

    You don't need a techies help. All you need to do is pick up the phone and call email support or send them a msg. Remember the saying God helps those who help themselves? Yeah.

    Despite me having a password that'll take trillions of years to hack, people from China have accessed my gmail email twice. Haven't had that prob with hotmail but I still prefer gmail.
    ShadowWolfe, signing off *salute*
    /user has permanently disconnected from the Animus.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •