Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft Hotmail gets account theft protection


28 Sep 2010   #1

Windows 7 Pro & Vista Home Premium
 
 
Microsoft Hotmail gets account theft protection

In a posting on the Windows Team blog, Microsoft has announced two new functions aimed at enabling Hotmail users to recover their accounts should they be taken over by criminals. Previously, an attacker who had obtained a user's password via phishing, a trojan or unencrypted Wi-Fi could lock the user out of their account simply by changing the password. Unless the actual user had entered an alternative e-mail address for a password reset and had remembered the security question, there was no way of reclaiming the account.

Microsoft has now introduced the ability to have a password reset code sent via SMS, allowing users to regain control of their accounts. This does, however, require the user to have entered their mobile number prior to having their account taken over. The SMS message contains a code which can be entered on the Microsoft web site to reset the account's password.
Microsoft has also introduced a "Trusted PC" function which links a specific PC to the Hotmail account, allowing it to be used to reset the password without requiring the actual password. These functions are also useful for the absent-minded.

To prevent the bad guys from simply changing these new options, they can only be changed in combination with the other options. To change the mobile phone number, for example, the user has to give their consent through one of the other options (email, Trusted PC or security question). Microsoft has also announced that the entire Hotmail session will in future be SSL encrypted previously it was only the login process which was SSL protected.

Source: http://www.h-online.com/security/news/item/Microsoft-Hotmail-gets-account-theft-protection-1097726.html


My System SpecsSystem Spec
.

28 Sep 2010   #2

Windows 7 Enterprise x64
 
 

Hi Reghakr, That sounds great - but I've faced an entirely different situation that could potentially be the 'next big thing' in 'free email account abuse'
Imagine this: My Hotmail account had been around for a few years, and hence the address was fairly much in the public realm. When one day out of the blue I tried to log in and got the notice, "too many failed attempts to log-in - please try later"
Hmm~ well interesting because I was at work and hadn't attempted to login at all. I hadn't lost or forgotten my password. I waited the 24 hours MSN support suggested to no avail. Still locked out.
My guess - some script kiddy has probably tried to hack the account to gain access. OR some looser neighbor has acquired my email address and while they eat tea attempts to enter random passwords just to keep the account locked.

So... that means anyone who knows my email address can simply just attempt to login and lock my damn account (and keep it locked) I would prefer to have my account hacked and have them send mail on my behalf than to have some random have me locked out indefinitely.
Oh BTW going through the security option to change the password works, but the account still persists to be locked.
This would easily be scripted to harvest accounts and attempt logins NOT to gain access but to REDUCE access.
My System SpecsSystem Spec
28 Sep 2010   #3

Windows 7 Home Premium x64
 
 

Quote   Quote: Originally Posted by wolwol View Post
Hi Reghakr, That sounds great - but I've faced an entirely different situation that could potentially be the 'next big thing' in 'free email account abuse'
Imagine this: My Hotmail account had been around for a few years, and hence the address was fairly much in the public realm. When one day out of the blue I tried to log in and got the notice, "too many failed attempts to log-in - please try later"
Hmm~ well interesting because I was at work and hadn't attempted to login at all. I hadn't lost or forgotten my password. I waited the 24 hours MSN support suggested to no avail. Still locked out.
My guess - some script kiddy has probably tried to hack the account to gain access. OR some looser neighbor has acquired my email address and while they eat tea attempts to enter random passwords just to keep the account locked.

So... that means anyone who knows my email address can simply just attempt to login and lock my damn account (and keep it locked) I would prefer to have my account hacked and have them send mail on my behalf than to have some random have me locked out indefinitely.
Oh BTW going through the security option to change the password works, but the account still persists to be locked.
This would easily be scripted to harvest accounts and attempt logins NOT to gain access but to REDUCE access.
I've never heard of something like that before. Frankly I don't think that the person responsible is trying to prevent you from using your account (that serves no purpose to them); rather, I think what you are seeing is a side effect of someone earnestly trying to gain control of the account. Hackers don't try to gain control of email addresses to prevent you from using them, they want control so that they can use them for spam, viruses, or even illegal activity.
My System SpecsSystem Spec
.


Reply

 Microsoft Hotmail gets account theft protection




Thread Tools



Similar help and support threads for2: Microsoft Hotmail gets account theft protection
Thread Forum
Solved remove hotmail account Browsers & Mail
Solved Hotmail.co.uk account? Browsers & Mail
Blocked out of my Hotmail account Browsers & Mail
Hotmail account hacked? Browsers & Mail
Study: Electronic theft surpasses physical theft System Security
Hotmail is going to cancel my account Browsers & Mail
Microsoft cops to webcode theft Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:31 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33