Microsoft looks to enhance security with Hotmail update

Microsoft unveiled new features for its Hotmail web email service, some security-related. Among the new features: SSL (secure sockets layer) encryption of Hotmail sessions; increased account security information; and single-use codes designed for secure access from public computers.

Following in the footsteps of Google’s Gmail, Hotmail will now offer full SSL encryption for the duration of user sessions, rather than just at login. What is not entirely apparent, however, is whether the SSL encryption will be the default setting, or something users must opt-in for. Microsoft says this full-session encryption will protect data transmitted between users and Hotmail servers.

In addition, Hotmail will add account security information features in coming months. According to a blog posting previewing the updated email service, users will be able to regain access to compromised accounts via a recapture code sent by SMS message. Another security enhancement provides single-use codes for Hotmail users accessing accounts at public terminals. Users will be able to request a one-time authentication code be sent to another email account or mobile phone, enabling access to the account using the code instead of their usual password.

Microsoft has not yet established a go-live date for the updated Hotmail, but reports indicate the new version will be released in the coming months.

What’s Hot on Infosecurity Magazine?