Moving from Gmail to Hotmail: the disastrous conclusion

25 Apr 2012

PC Pro editor Barry Collins is conducting a two-week experiment, returning to Hotmail after six years of using Gmail, to examine Microsoft’s claims that its webmail system has improved. You can read his previous blog posts on Moving from Gmail to Hotmail here.

Today, I was all set to bring you the verdict on my two-week experiment of swapping Gmail for Hotmail. Last night, however, I spent in the pub with the PC Pro team, giving the latest issue of the magazine a good send off. Which is when the problems started.

The Twitter client on my iPhone started buzzing like a wasp trapped in a lamp shade. I received the following message:

Quickly followed by:

And this:

Then my brother rang. Had I meant to send him that link in an email? And why had I also sent it our cousin and three blokes he'd never heard of.

I put my pint down, switched my laptop on, logged into Hotmail, and saw the following:

I then uttered a naughty word. Something along the lines of: “bugger”.

My Hotmail account had been hacked alright, but that was only the beginning of my problems. As readers of my earlier blog posts about this experiment will know, I’d also set up Hotmail to import all my Gmail and its associated contacts. Not to mention the Facebook and LinkedIn contacts that Hotmail merges into your online address book. It soon became painfully clear that pretty much anyone I’d had personal or professional contact with over the past decade had been sent an email containing a link to a malicious site. From my account. Me – the editor of a PC magazine.

All this is a terrible shame, because I was gently warming to Hotmail

In fact, even people I didn’t really know were getting dodgy emails from me, because, as I discovered a couple of days ago, anyone you add to your Circles on Google+ is automatically added to your Gmail contacts.

And so, three pints to the wind and trying to ignore the smug amusement of my (soon to be former) colleagues, I set about trying to change my passwords. Hotmail was easy enough, but as that email address was also used as my iTunes login, I wanted to change that password as well. Except Apple’s changed its password policy since I last changed mine, forcing me to include a capital letter, a number, a set number of characters and a symbol from the Ancient Greek alphabet (I exaggerate only slightly). As my Gmail account was linked to that now compromised Hotmail inbox, I had to change that password too. So I now had three new passwords – all using slightly different systems – swimming round my slightly inebriated brain, and I can’t even remember the name of my news editor when I'm sober. If I’m still able to access my iPhone and Gmail account today, it will be nothing short of miraculous.

All this is a terrible shame, because I was gently warming to Hotmail. I wasn’t about to recommend all Gmail users up sticks and move (back?) to Microsoft, but features such as the SkyDrive integration and automatic inbox Sweep were genuinely useful, and way ahead of what Google’s webmail offers. I’m sure there are plenty of people who’ve had their Gmail account compromised too, although I have to say from anecdotal evidence that Hotmail seems far more susceptible to account hijacking than Gmail.

I simply can’t trust Hotmail anymore. And what’s even more worrying is that it’s not only my webmail that’s been compromised, but my Xbox login (which holds my credit card details) and now my PC login too. Because Windows 8 practically forces you to login with your Windows Live/Hotmail details to access features such as the Metro Store, synchronisation and SkyDrive.

It’s one thing giving hackers access to ten years’ worth of junk mail and iTunes receipts – it’s quite another potentially giving them access to my work PC.

(Update: For those of you inquiring about the strength of my Hotmail password - it was a seven-letter string of lowercase letters. Not a dictionary word, but part acronym, part proper noun. It's not the world's strongest password, and I can feel the parental glare of Davey Winder from 200 miles away, but it wasn't that weak, either.)

Click here to read Davey Winder's Ultimate Guide to Passwords

Read more

Blogs