In association with heise online

10 November 2010, 12:09

SSL for Hotmail blocks Windows Live connections

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Hotmail Logo Microsoft has started to offer fully encrypted SSL connections to those who use the web front end of the Hotmail email service. Previously, only the service's log-in procedure was SSL encrypted, but attackers were able to read other users' emails, for instance, on unsecured Wi-Fi networks, or even gain unauthorised account access by copying a user's cookies. The Firesheep plug-in for Firefox makes easy work of this task.

At least in Hotmail, such attacks have now become more difficult. However, the switch is not a direct response to the release of Firesheep, as it was already announced back in September.

To automatically enable SSL for Hotmail, simply access and enable the option "Use HTTPS Automatically". Unfortunately, Microsoft say that this prevents users from accessing their accounts via such email clients as Outlook Hotmail Connector or Windows Live Mail – including the Live apps for Windows Mobile up to version 6.5 and Symbian. Users who require this functionality should simply establish temporary SSL connections to Hotmail via

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit