Microsoft answer new Live log-in criticisms
Last month Microsoft changed the default log-in experience on their Live services, which include Hotmail. The change meant doing away with the tile you could click (that was also more finger-friendly) and the "Remember me" box and replacing them with a more 'traditional' text entry box for your username.
In order to make the system more secure you had to type your complete email address whenever you entered the services. This caused a flood of complaints to the company from people who didn't want to have to type sometimes long and difficult email addresses whenever they wanted to log in.
Now Microsoft have come back with a response, first explaining why they made the change they did and also detailing how they've addressed the criticisms from users.
Over the past several years, we’ve received a lot of negative feedback on the old user tile login experience, from bugs to design flaws to the fact that it only worked only in IE. For the recent change to “keep me signed in,†our goal was to simplify the options, ensure consistent behavior across browsers and platforms, and make it faster and easier for you to get straight into your inbox.
While the majority of people seem quite pleased with the change, we’ve heard via the Inside Windows Live blog and other places that some of you liked the user tiles and the “remember me†option and feel that something you loved has been taken away.
The change they've made is small but very significant, and if you want a more secure experience can be disabled by switching off the autocomplete function in your web browser.
The change we’ve made is to add an attribute to the email address input box on our login page. What this means is that if your browser has autocomplete enabled, the form will automatically fill previously entered email addresses for you as you type, or you can hit the down arrow on your keyboard to see the full list and select the account you want.
This new change means that the email address box will now remember past entries and bring up appropriate email addresses when you type the first, or the first few letters. This is probably the behaviour that it should have and it will be welcomed by many.
The changes are being rolled out now, so don't expect everything to change overnight as it can take some time to update every server hosting the service when you're dealing with something this large that's used by hundreds of millions of people.
It's just a small change but one that will leave many wondering why Microsoft didn't do this to begin with. The most obvious reason for making the change they did last month was to improve security for the service. The change would have made no difference for people trying to hack into your email account from outside of your home or work space, but certainly made mobile devices such as tablets and laptops much more secure.
Microsoft's Live services had proved more resilient in recent years to those of rival Gmail, which has been repeatedly hacked by the Chinese government. This is despite Microsoft being a much larger target for attack than any of their rivals, who are generally more popular.
It's good to see the Microsoft are taking security seriously, especially when your Live ID no longer just gets you access to your email and calendar, but also to sensitive documents stored in Skydrive and your Office 325 account too. On this occasion they went to far in trying to protect their users, and it's great to see that they've rectified the situation.
Advertisement
Kind of ironic though isn’t it – Microsoft being slated because their security is too good…
Seriously, wouldn’t the best way they could beef up security be to not use the same login ID for low end consumer products like Hotmail and high end confidential / business products like Skydrive/365?
Hotmail users driving down security shared by cloud apps is tail wagging dog.