Helping people with computers... one answer at a time.

Web services often log activities and usage information. Exactly how much is logged and what it takes to access the logs is typically not known.

Does MSN Hotmail (now Windows Live Hotmail) keep a log of when and from what specific computer I logged into Hotmail? I think someone is accessing my mail as this particular person keeps turning up to things I am at. He is a little strange but I don't want to inform the police until i know if he can be traced.

Short answer: we don't know.

The longer answer is that there may well be logs, but whether they contain what you need, how long they'll be kept, and what it takes to even get the answer are huge unknowns.

It's pretty easy for any web-based service to keep logs of its activity. As we've discussed before, web servers at a minimum typically log the date, time, and IP address of the requesting computer every time a web page is visited. More complex applications may well log additional information like the account name that logged in or other specific activities that the web service performed.

The problem is that we just don't know what information Windows Live Hotmail keeps in its logs. Microsoft won't tell you.

Another problem is that the information they do log may not be enough for what you need. As we've also discussed repeatedly, an IP address is not enough to identify a specific computer or user. Even if you were able to get the IP address associated with your last login you might get close, but it's also quite possible you won't get nearly close enough for that to be useful.

"You get what you pay for and you're paying nothing."

Yet another problem is the sheer volume of information that those logs might collect. Windows Live Hotmail has millions upon millions of accesses every day. Logs that include any useful amount about those accesses would be huge. Too huge. So as a result it's extremely likely that even if there are logs, they're only kept for so long before they're discarded to make room.

How long are logs kept? Your guess is as good as mine. A day? A week? A month? Longer? There's no way to know. Microsoft's not saying.

Finally, let's say the information you need is being logged, and it's being kept long enough for it to still be available. What then?

Microsoft will most certainly not just give it to you if you ask. Besides being a huge privacy risk, it would require more resources that Microsoft just doesn't have allocated to what is a free service. You get what you pay for and you're paying nothing.

Chances are the police can't just walk in and ask for it either, though I suppose it's possible. More likely is that the police or other law enforcement officials will have to go to court and get a court order forcing Microsoft to release the information they have.

It sounds like it's quite an ordeal to get this information, and it needs to be. You don't want this information to be freely or easily available for privacy reasons. Making it difficult helps protect every Windows Live Hotmail user's privacy.

The bottom line is that only law enforcement can tell you whether or not they can even try to get the information based on just how serious the issue you're facing is.

Article C3209 - November 11, 2007 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

14 Comments
Dan Ullman
November 12, 2007 9:14 AM

Change your password to your MSN account. Problem solved if it exists.

Depending on how far you want to take this you could also tell a friend tipped off to meet you at an event that isn't taking place. Wait out of site and see if the fellow turns up. If so, you have an issue.

susan oliver
August 13, 2008 10:12 AM

how do i contact msn for help,a phone number is needed

Maria
August 29, 2008 1:47 AM

Hi leo..
Im trying to find the IP address in windos live hotmail,,i cant findthe display settings!

Fox
November 12, 2008 2:20 PM

Hey... Gmail has recently incorporated the feature you're asking about. Another reason to choose gmail over Hotmail. It tells you how your account was accessed (browser, pop3, etc), from what IP and when. It keeps a log of the last 5 sessions. Just great for security!

kimberly summers
March 1, 2009 3:07 AM

i use hotmail to not much info on it i have the same problem i changed my password so maybe it wont happen anymore i hope thanks

Ken
November 18, 2009 1:31 PM

I think an ex girl friend has logged into my hotmail account. I have changed the passwords etc. But want to know if she has and could find that out if there was an IP log that I could audit as she lives in London does anyone know how I could find out if she (someone) has logged into my account from another city?

Seeing the comment above I don't think you have the answer at this time BUT please post in case someone comes up with the answer in future

Thanks in advance

CMBC
December 5, 2009 9:15 AM

Hotmail DOES keep a log of your logins. I used to work for MSN Tech Support. There is a tool we used and it would tell us everything about the account, including the times of login, whether it was a failed or successful login (so as to keep track of if someone was trying to enter with a wrong password) and also the IP address.

RG
December 5, 2009 8:16 PM

If they keep a log - how long do they keep your e-mails? How do I get them to delete them?

pisd off user
December 18, 2009 4:43 AM

to Dan Ullman, lol! if it was only that simple. my partner is having her hotmail/ facebook/ bebo/ etc hacked... she changed her passwords (to mad random stuff) changed her security questions and made up totaly irrelevant answers (nothing at all to do with the questions) and even changed her location. she changed all this from a different PC. AND STILL SHES BEING HACKED. she got so sick of it that she closed all her accounts down but they were all back up and running the very next day! we have both sent emails to all the accounts asking for help and all we get from them all is the "how to reset your password" email. i don't think they listen at all.

we are slowly but surely giving up, it is very destressing and is causing arguments because she gets up tight over it. emails have been sent from her accounts to friends and now her friends won't spk to her. people she doesnt know have been added to her MSN and the filth they come out with i couldn't even repeat... usualy a continuation of the convo with the hacker. the hacker has also subscribed my partner to singles sites (not the nice little "find your perfect match" ones either! no theyve described her (in grafic detail) as pretty much up for everything and anyone. they also do little subtle things like change her user name just to let us know they are still about and can still get in even if we change everything.

we are slowly but surely giving up. the police can't do much about it. esp if its someone she knows in another country. this has been going on for a year (that we know of).

if anyone at all thinks they can help please please post something. i have tried all the "how to hack hotmail" on google but nothing works. so i cant see how they are doing it.

anyway thankyou for reading.

tony
December 27, 2009 1:13 PM

There is one way to know if an unauthorized person open your email (by broswer) in your hotmail account without asking Microsoft help.

We know many web pages have counter embedded in the page to get the statistical data about how many times this page has been visited, and also date, time, ip address and others recoreded in the log for every visit.

We can do this by embeding same code (hide the counter) in the email you preparing, then send it to your hotmail account. When the unauthorized person open this email in your hotmail account, the date time, ip address of that person will be log in the web counter account.

There is more detail about web counter, but you can google "web counter" for more information.

I hope this method will help people here.

Kate
October 18, 2010 11:50 AM

what does this mean: [18:54:41.90] 0884 Contacts: Replication CReplicatorIndexCallback::OnDelete@01CC4688: Removing shadow SID (0x00000044) for type = 9, index = |Messenger||Allow|Passport|{removed}@hotmail.com

No idea. I'd have to know more about where you see that and what you were doing at the time.
Leo
19-Oct-2010

Jeff
January 17, 2011 5:48 PM

Hi CMBC
Can anybody tell me how long does MSN keep a log of when I signed in, coz I think someone used my MSN in 2010 Nov. I want to know where the IP is from, so please tell me how long it keeps?

Nope. You'd have to get that information from MSN somehow. They don't publicize that. My guess is you'll need an attorney and perhaps a court order for that kind of information.
Leo
18-Jan-2011

lyn
July 26, 2011 6:13 PM

does anyone have the contact info regarding getting a court order (mailing address) for MSN/HOTMAIL? Surprisingly the Help Center for Microsoft was able to provide me with 2 months of my IP log in dates, addresses, etc. but I am trying to see if I can get more. I understand a court order/subpoena mostly likely is required....but how do I even go about contacting them, OR is that something that the court handles and they would know how to contact MSN?

Thanks!

Typically court orders are issued in response to requests from law enforcement or other legal proceedings. You should contact a lawyer or law enforcement.
Leo
27-Jul-2011

Craig.
August 17, 2011 11:08 AM

Hey Leo,

Microsoft do keep IP logs, normally covering no more than the last 14 days.

If you are resident in the UK you can demand these logs under the 1996 data protection act and Microsoft are required to respond within 40 days.

To demand your IP logs just go to windowslivehelp.com and post a thread, a moderator will normally repond within a few days and will request your unique ID (another provision of the data protection act is that the company must make an effort to ensure that your personal information is not leaked, hence the unique ID).

Your logs will never be shared with anyone who cannot prove themselves to be you.

And for everyone who is hacked, please submit a feature request to feedback.live.com and ask for them to add an "authorised POP3/IMAP addresses only" option to hotmail.

Cheers,

Craig.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.