According to Microsoft, using a common password makes it easier for hackers to gain access to web users' account. 'Common' passwords include 'password, '123456' and even 'ilovecats'. The tech giant said these will now be unavailable to new users signing up to use the webmail service, while those that are already using one of these common passwords may be asked to change it to a stronger password in the future.
"At Hotmail, we know that account hijacking is a big problem, and we continue to work hard to prevent it," said group manager for Hotmail, Dick Craddock, in a blog.
"We've noticed a couple of things about hijacked accounts. First, many accounts have weak passwords that make them easy targets for hijackers."
Microsoft says the ideal password is "long and has letters, punctuation, symbols, and numbers". Furthermore, the tech firm urged web users to use at least 14 characters or more in their passwords, use a variety of character from the entire keyboard not just the most commonly used ones. Furthermore, they should not contain personal information such as birth dates or anniversaries or be based on words in the dictionary
Microsoft also said it was rolling out a compromise detection system that lets Hotmail users report if a friend's account has been compromised.
"When someone's account gets hijacked, their friends often find out before they do, because the hijacker uses their account to send spam or phishing email to all their contacts," said Craddock.
Microsoft has rolled out a My friend's been hacked! Option to the Mark as functionality in the Hotmail inbox. If a user flags a message up using this option, it alerts Hotmail which then analyses the account to identify if it really has been compromised.
"When this [receiving spam emails from a friend] happens, you probably call or text your friend or contact them on an alternate email address to let them know that their email account has been compromised. But you wish you could do more. Now you can."
Microsoft also said it will pass the alerts on to other email providers including Yahoo www.yahoo.co.uk and Gmail www.gmail.com if a user's friend with one of these accounts is marked as being compromised.