Microsoft banning weak Hotmail passwords
Hotmail changes mean you won't be able to express your love of cats in passwords anymore.


Microsoft has sought to make brute force attacks on email accounts a thing of the past by banning weak passwords.
The Redmond giant said it wants to stop users placing themselves at risk by using passwords like "password," "123456," "ilovecats" or "gogiants."
"This new feature will be rolling out soon, and will prevent you from choosing a very common password when you sign up for an account or when you change your password," said Dick Craddock, group programme manager at Hotmail, in a blog post.
"If you're already using a common password, you may, at some point in the future, be asked to change it to a stronger password."
Microsoft has also created a new feature which allows Hotmail users to report hacked accounts.
"It's easy: when you get that spam message supposedly from your friend, you just click My friend's been hacked!' on the Mark as' menu," Craddock said.
"You can also report an account as compromised when you mark a message as junk or otherwise move a message to the Junk folder."
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
A good week?
The Hotmail announcements round off a positive week for Microsoft in terms of security.
The company saw its Internet Explorer 9 rated as the best browser for blocking socially engineered malware.
In NSS Labs tests, IE9 managed to block 92 per cent of that particular type of threat, compared to 90 per cent for IE8. Safari, Chrome 10 and Firefox 4 all got just 13 per cent.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
I love magic links – why aren’t more services using them?
Opinion Using magic links instead of passwords is safe and easy but they’re still infuriatingly underused by businesses
By Solomon Klappholz Published
-
Password management startup Passbolt secures $8 million to shake up credential security
News Password management startup Passbolt has secured $8 million in funding as part of a Series A investment round.
By Ross Kelly Published
-
LastPass breach comes back to haunt users as hackers steal $12 million in cryptocurrency
News The hackers behind the LastPass breach are on a rampage two years after their initial attack
By Solomon Klappholz Published
-
GitHub launches passkeys beta for passwordless authentication
News Users can now opt-in to using passkeys, replacing their password and 2FA method
By Daniel Todd Published
-
Microsoft SQL password-guessing attacks rising as hackers pivot from OneNote vectors
News Database admins are advised to enforce better controls as attacks ending in ransomware are being observed
By Rory Bathgate Published
-
No, Microsoft SharePoint isn’t cracking users’ passwords
News The discovery sparked concerns over potentially invasive antivirus scanning practices by Microsoft
By Ross Kelly Published
-
Microsoft Authenticator mandates number matching to counter MFA fatigue attacks
News The added layer of complexity aims to keep social engineering at bay
By Connor Jones Published
-
As Google launches passwordless authentication for all, what are the business benefits of passkeys?
News Google follows Apple in its latest shift to passwordless authentication, but what are the benefits?
By Ross Kelly Published