Wednesday 15 August 2012

Outlook.Com does the job - including security

So it's been two weeks since I 'converted' from Microsoft's Hotmail to the new format Outlook.Com. And my verdict? I like it. The user interface is intuitive and migration was simple. The organisation features work well. What's not to like?
Microsoft desperately needed to improve on the tired and 'clunky' 1990's Hotmail interface (sic), where the likes of Google's Gmail and even Yahoo! have recently shown a much tidier set of functions.
And Microsoft has done what it always does best. Identify the features that users seem to work with most in rival products, and put those into its respective offering. This has meant that Microsoft software can never be seen as 'leading edge', and it may never be rated as the 'best' in a particular area, but it will be good enough for the vast majority of users/businesses and offer a reliable product. A while back I visited Microsoft Labs in Cambridge, UK, and was told that all the products developed in the labs are rewritten by a 'production team' to an engineering standard if they go mainstream, to ensure the reliability.
What has disappointed me about the launch of Outlook.Com is not the product, but the reaction of commentators that the 16 character password limit is not enough, and that Yahoo!'s 32 limit and the reportedly 200 for Google (and its ability to also use two-factor) are better for the job.
I know as well as anyone that the strength of a password is linked to its length. But so is the difficulty in remembering it! A lot of awareness raising has been done to push users to create complex passwords with a combination of upper and lowercase letters, characters and numbers. But the reality is that most home users, given the chance, will use the same, even complex, password on all their electronic accounts.
A much better way of getting users to make stronger passwords is to encourage the use of a standard pattern (algorithm). For example using a set string of characters and appending the characters from specific positions in the site's URL. Even at 8 characters that will be stronger than a 32 character password that is used on everything from Twitter to eBay.
Whist one of the arguments to moving to Outlook.Com was that it would look more 'business like', (just like the move of Googlemail to Gmail.com) the reality again is that the majority of Outlook.Com accounts will be home users, and the password will be protecting emails that mostly contain invitations to stag nites (sic) and the pictures of the dog/baby/etc. They may be protecting online banking, (which I would always recommend has a unique password), they will not be protecting accounts of large enterprises and 'national security' et. al. Those latter organisations use Exchange/Active Directory/Outlook client, etc. and are subject to polices that enforce 'secure' passwords, (although I would guess that many users utilise their 'work' password on 'home' accounts).
Outlook.Com is a 'good enough' product for the majority of the millions of users that it is aimed to support.
So which of Gmail, Yahoo! and Outlook.Com will I continue to use as my primary email address?

No comments:

Post a Comment