Free WordPress Security Mini Course

Comments   |   Email Security

How to Turn on Hotmail HTTPS Browsing

In our last post, we referenced the Digital Society report card that basically gave Hotmail a D- failing grade. Perhaps that announcement combined with the Firesheep outcry helped prompt an announcement from Microsoft. On Nov 9, 2010, Microsoft announced that Hotmail security improves with full-session HTTPS encryption which means that Hotmail is providing you with the option to enhance the security of your entire Hotmail session with HTTPS data encryption (via secure socket layers, or SSL). Currently (without turning on this feature), HTTPS is only available to protect your sign-in. But once you are logged in, anyone using hacking tools like Firesheep could “listen in” and get your account information as you are browsing your email.

Perhaps you have received a Hotmail email this week from someone you haven’t spoken to in years. Let me issue this warning… DON’T open those emails and DEFINITELY DON’T click any links!!!! I can’t add enough exclamation marks to get my point across. I don’t care if the email is from an ex-girlfriend and looks legitimate. Come on… why would she email you especially after this many years? And really… email? Do you think that’s the form of communication she would use?

Microsoft has issued many warning about email hijackers and does a lot to help eliminate email spam. In fact, Microsoft claims that they filter 5.5 billion spam emails EVERY DAY! Damn spammers!

Here are some ways that email hijackers get into your account:

  • They use phishing schemes like fake “official” emails or websites that ask you to provide your password.
  • They use key loggers and other types of malicious software (malware) to steal your password.
  • They attempt to intercept passwords on unsecure Wi-Fi networks (known as “man in the middle” attacks). i.e… Firesheep
  • They try to guess your password by testing commonly used words, e.g., words in the dictionary.

Here are our suggestions to protect your Hotmail account:

  1. Don’t open emails from people you don’t know. They are 99.9% spam. If it happens to be that 0.1%, they will be able to reach you another way if it really is that important.
  2. Change your password. And while you’re at it, make it secure. Numbers, letters (CaPiTaL and lowercase), symbols, no common dictionary words, never your birthday or your address or your phone number.
  3. Enable HTTPS on Hotmail browsing. This is a new feature just introduced this week. Follow the instructions on the MyApheus blog.
  4. Spread the word. I care about my friends and family. So I educate them on the above steps. It only takes about 5 minutes and it saves your account (and theirs) from being hijacked. Do the Internet a favor and help kill spam.

Leave a Reply