Hotmail hacking, Part 2
19 February 2011
Last year, I was annoyed (and, admittedly, impressed) that someone hacked into my Hotmail account. There were only two ways someone could have got in: they read my mind or they set a machine to guessing for a very long time and the machine eventually guessed right.
At the time, I implored Hotmail to change their security system so that guessers would have to enter a CAPTCHA with every few wrong guesses. That would slow them down enough to make it nearly impossible to brute force their way into any account with a reasonably strong password.
I doubt the Hotmail folks read this blog and decided to pull up their socks as a result, but I was delighted to see, upon my most recent Hotmail login attempt, a similar change to the one I recommended (see picture below). My account is obviously still under siege, and Hotmail is preventing too many password guesses. The only downside is that they won’t let me into my account, either.
So I feel satisfied that Hotmail now has security features that will keep my account safe, even without the strongest possible password. Just in case, though, I’ve updated my password to be ultra-strong. It’s more than 16 characters long (I don’t want to say exactly how long, because that would make it easier for a hacker to guess), contains numbers, letters, and freaky characters. It looks something like this: gA4wL[l0iX+yJ$j1. Hackers, I wish you good luck :).
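The throttling discussed above, as an added example (not Hotmail's code and not part of the original post): after an assumed threshold of three wrong guesses the account demands a CAPTCHA rather than locking outright, so the owner can still sign in. `LoginThrottle`, `CAPTCHA_AFTER`, the `captcha_solved` flag (standing in for a real CAPTCHA check done elsewhere) and the sample account are hypothetical.

```python
import hashlib
import hmac
import os

CAPTCHA_AFTER = 3  # assumed threshold: wrong guesses allowed before a CAPTCHA is demanded


class LoginThrottle:
    """Per-account guess throttle that demands a CAPTCHA instead of locking the account."""

    def __init__(self):
        self._users = {}     # account -> (salt, password hash)
        self._failures = {}  # account -> consecutive wrong guesses

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, account, password):
        salt = os.urandom(16)
        self._users[account] = (salt, self._hash(password, salt))

    def captcha_required(self, account):
        return self._failures.get(account, 0) >= CAPTCHA_AFTER

    def login(self, account, password, captcha_solved=False):
        """Return 'ok', 'denied' or 'captcha_required'."""
        if self.captcha_required(account) and not captcha_solved:
            # The password is not checked at all, so an automated guesser
            # learns nothing from this attempt, even with the right password.
            return "captcha_required"
        salt, stored = self._users.get(account, (b"\x00" * 16, b""))
        if hmac.compare_digest(self._hash(password, salt), stored):
            self._failures.pop(account, None)  # success resets the counter
            return "ok"
        self._failures[account] = self._failures.get(account, 0) + 1
        return "denied"


def demo():
    """Constructed scenario: a guessing script, then the real owner."""
    t = LoginThrottle()
    t.register("owner@example.com", "correct horse battery")
    guesses = ["123456", "password", "qwerty", "correct horse battery"]
    bot = [t.login("owner@example.com", g) for g in guesses]
    owner = t.login("owner@example.com", "correct horse battery", captcha_solved=True)
    return bot, owner


if __name__ == "__main__":
    print(demo())
```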