Improve Hotmail Sign In Security By Enabling HTTPS

Martin Brinkmann
Nov 6, 2010
Updated • Feb 6, 2014
Email
|
9

Many web users do not know that web services often offer two connection options. The standard http connection and the more secure https connection. Users who connect to email services like Hotmail with the http protocol may fall pray to attacks that sniff on network traffic in order to get the user's sign in information. These techniques would not work if the user would connect to and sign in to Hotmail using the HTTPS protocol instead.

Up until recently there was no option to enable an option in Hotmail to use https automatically when connecting to the email provider's website, including on the Hotmail Sign In Page. There have been options to force https connections but those were technical and limited to select web browsers.

Users who now connect to https://www.hotmail.com/ are greeted with a new message. It reads:

Trying to use Hotmail with HTTPS?

As long as you're just reading and writing email, signing in with "https" gives you extra security. But this extra security disappears if you check your calendar, edit a contact, or go to another site. For the most secure connection, we strongly recommend that you change your settings to always use HTTPS.

Hotmail will automatically switch the user to HTTPS If the user clicks on the Always use HTTPS (recommended) button at the end of the message. A second page is displayed that offers additional information about connecting with HTTPS:

sing HTTPS will help keep your account secure from hackers-especially if you commonly use public computers or unsecure wireless connections.

Important note: Turning on HTTPS will work for Hotmail over the web, but it will cause errors if you try to access Hotmail through programs like:

Outlook Hotmail Connector
Windows Live Mail
The Windows Live application for Windows Mobile and Nokia

If you only need a temporary HTTPS connection, enter "https" in front of the web address instead of "http".

use https automatically hotmail

Hotmail users need to select Use HTTPS automatically (please see the note above) and click the Save button to always connect to Hotmail with HTTPS.

Hotmail will from that moment on switch to https whenever the user connects to the Hotmail web page. The Hotmail sign in form should always show https in the address bar from that moment on.

It is highly recommended that Hotmail users switch to HTTPS immediately to improve security when connecting, signing in and working with Hotmail.

Update: Microsoft has implemented HTTPS by default on Hotmail and on the company's most recent email service Outlook.com.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. mizi jaimie said on September 14, 2012 at 12:59 am
    Reply

    lovin brat

  2. Ahmad said on November 7, 2010 at 5:37 am
    Reply

    Really nice helpful article, I really admire your efforts. Can you guide me, how can I enable https automatically options. I went to my account settings then what next?

    1. Easa said on November 12, 2010 at 8:10 am
      Reply
  3. Danny said on November 7, 2010 at 1:23 am
    Reply

    According to the Windows Team Blog, that feature is not yet fully implemented and some people (including myself) are getting the following error:

    Your Windows Live ID can’t use HTTPS automatically because this feature is not available for your account type.

    Besides, I’ve only been accessing my hotmail account via POP and that uses SSL. Isn’t that safe enough?

    1. Martin said on November 7, 2010 at 1:32 am
      Reply

      Danny this does not change anything for you, since you access Hotmail via POP. If you would sign in via the website then it would affect you.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.