Helping people with computers... one answer at a time.
Hotmail now supports https connections to some extent. Unfortunately, there are problems and limitations that make it effectively pointless.
I keep hearing I should use https when connecting to sites at Starbucks and so on. How do I do that with Hotmail?
•
Hotmail's https support is a mixed bag. I have to say that I'm not very pleased with its limitations.
That being said, if you use Hotmail, and you're planning on using it at an open WiFi hotspot like those at your local coffee house, then I suppose that some support is better than none.
But not much better.
I'll show you how.
•
Hotmail recently introduced an option to always connect using https.
Click on Hotmail's Options menu, More Options item:
Then, under "Managing your account", click Account details (password, aliases, time zone) to go to the Account Overview page:
At the bottom, you'll see the option "Connect with HTTPS". Click on that.
Click on Use HTTPS automatically and then Save.
If you look closely at that option page, you'll see a few cautions. Specifically, turning this option on may interfere with:
Outlook Hotmail Connector
Windows Live Mail
The Windows Live application for Windows Mobile and Nokia
I'm sure that there's some technical back-end reason for these exceptions, but in my opinion, the fact that they're crippled by the https option is a serious flaw.
The implication is that, if you use Windows Live Mail to access your Hotmail while you're using an open WiFi hotspot, your information is transmitted in the clear and there's nothing you can do about it. The only alternative is to revert to the web interface with https.
These tools should all also support encryption, plain and simple.
And turning on Connect With HTTPS certainly shouldn't break them, as it does.
The suggested temporary workaround is to manually enter https when you visit Hotmail.
Fine. Doing so results in this message after logging in:
Apparently, even attempting to do the right thing manually is error prone and will probably end up popping you out of https and onto an unencrypted http connection. And of course, if you accept their recommendation to set the Always use HTTPS option, you may run into the problems they themselves outlined as we saw earlier.
Again, in my opinion, this entire situation is unacceptable.
If you must use Hotmail at all, then I recommend that you never, ever use Hotmail in any form at an open WiFi hotspot or other scenario where the data that you're transmitting could be susceptible to eavesdropping until Hotmail supports https cleanly and completely.
It's simply not safe.
March 22, 2011 10:55 AM
I don't like Hotmail for various reasons and never ever will consider using it.
Nuf said.
March 22, 2011 11:44 AM
I also thought the limitations were disappointing and need to be changed. You can successfully use Hotmail just make sure it's through a 3rd party email client like Outlook, or your smartphones email client, that supports Hotmails POP3 SSL/TLS settings. Make sure to enable them as Hotmail can work without it. Hotmail has made strides in the security area and I hope they continue to improve, especially since I really enjoy the Office/Skydrive syncing features. Yahoo also has a lot to do in regard to security as well... which is why I rarely use a web based interface for email.
April 26, 2012 10:28 AM
Leo, thanks for this article.
Which web based program do you consider is the "best" for security? Hotmail, gmail or yahoo? I travel a lot and often have to use internet cafes or WiFi hotspots to read/write email.
26-Apr-2012
•
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.