Microsoft adds more security features to Outlook.com

Microsoft launched the new Outlook.com in late July and since then the online email service has registered 25 million active users. Today, Microsoft announced that it will be beefing up online security for Outlook.com subscribers with the introduction of DMARC and EV certificate support.

The Outlook blog goes over each of the new security features in detail. One of them is DMARC, which stands for Domain-based Message Authentication, Reporting and Conformance. It's been set up so users can fight off phishing email attacks that seem to come from a real source, such as a email from a bank that is in fact looking to steal personal information. The blog states:

Our DMARC implementation helps protect you by making it easier to visually identify mail from senders as legitimate, and helps keep spam and phishing messages from ever reaching your inbox. If a sender supports DMARC, we put a trusted sender logo next to their email indicating it is legitimate. The effect is cumulative; the more the email sending services that use DMARC, the broader the protection offered against phishing.

The other common phishing scam is when a person is directed to click on what looks like a real web page but is in fact created to take personal information. Websites that use the older SSL certificates for authentication have been known to be compromised. Outlook.com now supports the Extended Validation (EV) certificates. The blog states:

EV certificates are deeply vetted by the Certificate Authority, providing significant assurance that you can trust the sites that use them.  These certificates require a minimum of 2048-bit encryption, which is far more secure than what is commonly used with standard SSL.

Microsoft says that in addition to Outlook.com, EV support will be added to SkyDrive in the near future. People who continue to use the older Hotmail.com and Live.com will get the "same level of protection" while they move onto Outlook.com.

Source: Outlook blog | Image via Microsoft

Report a problem with article
Previous Story

Twitter switches all users to new profiles on Wednesday

Next Story

Report: Bing team working on augmented reality Windows 8 apps

12 Comments

Commenting is disabled on this article.

How about improving the block sender list feature. You can't import or edit the list with wildcards characters, except for adding and deleting email addressees.

xankazo said,

It happened to me yesterday too.

Yeah, they do that a lot. For no reason, it seems. My post was related to Outlook.com and contained no profanity or otherwise objectionable material.

@Leo said,
Still no multi-factor authentication?

It does have multi-factor auth to protect personal account and billing settings. I think I remember them saying covering everything from sign in isn't really a desirable feature to most casual users.

chAos972 said,

It does have multi-factor auth to protect personal account and billing settings. I think I remember them saying covering everything from sign in isn't really a desirable feature to most casual users.


So don't enable it by default.

@Leo said,
Still no multi-factor authentication?

And which service would you suggest using that wouldn't cause you to roll your eyes?

@Leo said,
Gmail.

You mean the one that was down for a while yesterday? They have great security - break the service so no body can get in.