June 18, 2013
Amid Security Concerns, Microsoft Drops Linked Outlook Accounts For Aliases
Peter Suciu for redOrbit.com — Your Universe Online
While Microsoft has long supported linked accounts for its Hotmail and Outlook email services, the Redmond-based software giant recently noted these can be tempting targets for hackers. In a surprising move, the company has opted to sever those links entirely.
“There are a number of people who have more than one email address and want to manage these multiple email addresses from Outlook.com. Linked accounts were introduced in 2006 as a way to quickly switch between different accounts each with their own email address,” explained Eric Doerr in a blog post, Microsoft´s principal group program manager.
“Over the next couple months, we will stop supporting linked accounts and instead help people move to a more robust and secure way of managing multiple email addresses: aliases.”
Microsoft acknowledged many people opt for multiple email addresses for many reasons. These include not wanting to give out a primary email address to companies or individuals, and as a way to avoid junk mail.
To accommodate its users, Outlook has also allowed them to send emails from other accounts, including Gmail, Yahoo Mail, Comcast and others. And in May, Microsoft even offered a way for users to send email from other accounts but hide the fact it originated from Outlook. However, Microsoft noted these linked accounts create problems.
“We´ve increasingly found that linked accounts are less robust, and less secure than using aliases. With linked accounts, you can sign in to Outlook.com on the web and then switch to any other linked account without entering a password. It's a handy feature,” Doerr said.
“Unfortunately, this same feature benefits the bad guys, too. We've found that quite often, people who use linked accounts keep their primary account's security info (including password and proofs) up to date, but don't lavish as much care on their secondary accounts. It's easier for a malicious party to compromise one of those secondary accounts, which gives them full access to your primary account. Note that if we detect suspicious activity in your account, we automatically unlink accounts to try to help prevent this abuse, but we think we need to go further.”
With the aliases, users will now still be able to send and receive email from these different accounts. However, the aliases from these linked accounts will be tied to a single Microsoft account with the users´ most up-to-date security information.
According to Microsoft, the new aliases will provide a more robust and secure system for managing these multiple email addresses. This will include the ability to forward all email from a secondary account to the users´ primary account, while the secondary account can be used as a “send-only” address.
Microsoft announced it will begin to switch over to this new system in the next couple of days, and users can already begin setting up email forwarding. By late July, the company will begin to unlink all linked email accounts.