Hotmail's new security features vs Gmail's old security features

Hotmail's new security features vs Gmail's old security features

Summary: Microsoft's revamped Hotmail, set to be rolled out in mid-summer according to the company's press release, introduces several new features. Let's review them, their applicability to today's cyber threatscape, and compare them to Gmail's currently available security features.

SHARE:

Microsoft's revamped Hotmail, set to be rolled out in mid-summer according to the company's press release, introduces several new security features, among which are full-session SSL, visual indication for trusted email senders, and improved password recovery mechanisms.

Let's review them, their applicability to today's cyber threatscape, and compare them to Gmail's currently available security features.

  • Trusted senders. With the new Hotmail, we help you to visually identify trusted senders in your inbox, particularly banks and other senders most commonly impersonated in phishing scams, by putting safety logos next to those senders who we recognize as legitimate.

  • Full-session SSL - In addition to providing SSL encryption of credentials at login for all accounts, the new Hotmail will soon support the option to maintain SSL encryption between you and Microsoft servers during your entire Hotmail session.

  • Single-use codes - This new security feature is designed to further help protect you by giving you the option to ask Hotmail to SMS to you a one-time temporary password if you'd prefer not to use your regular password when logging into Hotmail on public computers that could potentially harbor key logging malware that could steal your password, such as those sometimes found in internet cafes and airports.
  • Account security information - The new security platform elements we've built up around Hotmail now enable you to use your cell phone or other items as proof of account ownership. For example, if you lose your password or, worse, if your account gets compromised, we can now send you an account recapture code via an SMS message or enable you to regain access to your account.

Playing catch up from a security perspective in the free email market segment -- sorry Microsoft -- offers unique business development opportunities, that if well executed can position the follower as the market (segment) leader, at least for a while.

And although the introduction of safety logos for over 100 banks/financial institutions, is a great idea, since it would help less technically sophisticated Hotmail users spot the fraudulent emails more easily, both, trusted senders (July, 2009), full-session SSL (July, 2008), and SMS-based password recovery, have been available to Gmail users for a while.

In order to fully seize the marketing momentum, market (segment) followers are supposed to set new benchmarks, and do their best to avoid "me-too" product feature catch-up based strategies. Interestingly, Microsoft appears to have achieved it by introducing the SMS-based single sign in codes.

In comparison, Gmail only has a password recovery option via SMS, introduced in June, 2009. Here's a chronology of the introduced security features at Google's Gmail over the years:

2004 - Gmail Begins Signing Email with DomainKeys 2008 - Gmail, PayPal and Ebay embrace DomainKeys to fight phishing emails 2008 - Making security easier (choice for always on SSL) 2008 - Remote sign out and info to help you protect your Gmail account 2009 - Google Account Recovery via SMS 2009 - The super-trustworthy, anti-phishing key (visual Trusted Senders confirmation) 2010 - Default https access for Gmail 2010 - Security alerts for Gmail

Which are the unique features offered exclusively by only one of the email providers?

Basically, if it wasn't for Hotmail's upcoming single-use codes, their whole campaign would have been an embarrassing catch up marathon with Google's Gmail. Gmail's security alerts feature, however, still differentiates by emphasizing on the real-time notification for a compromise that's currently taking place.

Is there a particular security feature that both, Microsoft and Google failed to implement so far? Has the time come for both companies to acknowledge the existence of public key cryptography within their settings interface? What about the availability of disposable/temporary email accounts generation feature?

Moreover, how user-friendly was your experience with both email providers, in cases of an account compromise? With do it yourself account import and export options, is the increased security offered by a particular provider, enough for you to migrate there?

Talkback, and share you opinion.

Topics: Collaboration, Browser, Cloud, Google, Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

21 comments
Log in or register to join the discussion
  • RE: Hotmail's new security features vs Gmail's old security features

    "visual indication for trusted email senders"

    About time. Sounds limited, though - I'd like to see some visual verification of *anybody* who is using something like DomainKeys to verify themselves. Maybe even be able to filter for it.
    CobraA1
  • True, Hotmail needed updating, but while everyone is

    "going Google"...Let's remember that it was one of Google's own techs that answered an email requesting their login creds, and invited an unfriendly onto their servers...<br><br>Secure is as Secure does...no?
    SonofaSailor
    • That's right, it's possible for a bad person to join a company..

      ..and do bad things to it. What's your point? Got one?
      AzuMao
      • Azuuuuu

        @AzuMao
        Where have you been?
        Dietrich T. Schmitz, ~ Your Linux Advocate
  • My take

    Every e-mail client has its own quirks and problems. GMail has its downtimes, Yahoo Mail has nasty advertisements and is slow as a result, and Hotmail gets the most spam (hopefully will be fixed with this update). However, I do use all three of them for different reasons and they work well considering that they are FREE after all.
    statuskwo5
  • RE: Hotmail's new security features vs Gmail's old security features

    Still no threading of emails? :(
    callandor87
    • RE: Hotmail's new security features vs Gmail's old security features

      @callandor87 yes. however it is not on by default.
      rjohn05
  • RE: Hotmail's new security features vs Gmail's old security features

    Biggest flaw's for Hotmail? No IMAP support, can't sync calendars and contacts to iphone over the air without some third party service.

    Biggest flaws for Gmail? Can't turn off threading, fugly 1990's style contact manager (that includes the recent update).

    I'm sticking with gmail because of my iphone.
    txscott
  • RE: Hotmail's new security features vs Gmail's old security features

    Hotmail is such a joke, none of the e-mail filters work, I have some listed as spam and to block they come in everyday anyways. And part of my approved senders end up in spam folder. At least if I block one on google it stays blocked. And now that Hotmail is using or can be read on Live Mail, things are getting worst. I have wrote Hotmail support 3 times and all I get in "canned" answer no real help. Not looking forward to their updates. and Yahoo not even on the chart to be found.
    zebra148
  • RE: Hotmail's new security features vs Gmail's old security features

    I like both use it or dont use them
    jose nolasco
  • I have Hotmail, Gmail and Yahoo...

    And while there is nothing wrong in particular with any of them, I have had my hotmail account the longest and in general everything else has a far more clunky feel to it. Even Gmail feels like some of the differences are different for no other purpose then doing it different. And just not quite as intuitive or slick.

    Agreed maybe someone who had Gmail for their first account might find Hotmail clunky to them, quite possible I guess.

    Yahoo mail same thing. Nothing terribly wrong in any way but it just feels like certain things it does slightly different then Hotmail is a slightly clunkier way of doing it and for no particularly explainable reason why they decided to make it operate that way other then its different and they wanted to appear different.

    Like I said, I use all three and have no objections to any that would make me tell anyone to stay away from any of the three. I just feel like hotmail got it right the first time.
    Cayble
  • RE: Hotmail's new security features vs Gmail's old security features

    One can google to find legions and armies of people who absolutely want to be able to opt out of gmail 'conversations' or threading. It makes such a mishmash of my email storage, that I've simply hardly use gmail anymore. But Google is deaf to the literal masses who try to tell them.
    Yes, gmail puts them in Spam, but it's the same Subject keywords over and over again ad nauseam. Why aren't they blocked so I don't have to even glance at those repulsive crooks' offerings while checking for legit mail misplaced, before Delete.
    Hotmail's Spell Checker, (most of these are horrible), won't allow me to correct/change the word for myself. When I do it myself, I tend to remember for next time.
    Always room for improvement, I suppose.
    Overall, egregious faults and all, I am still grateful to be able to use Hotmail and Yahoo, at no immediate cost out of my pocket.
    PreachJohn
  • gmail and love it.

    gmail was the first webmail account i ever had - and i love it. the labs are cool and i find it easy to use, fast, and has great features. i find that sometimes (one email per year) i will end up with a message in my spam box that is not spam. it is great to be able to integrate my gmail account with youtube, picasa and google search so i can have travelling preferences - and only one account. i find the threading really nice... except for long emails like the weather alerts from the weather network.
    crabbypup
    • RE: Hotmail's new security features vs Gmail's old security features

      @crabbypup
      I came back to hotmail/msn about a year ago. In that time i have yet to find an email in my spam box that was not spam. Blocked emails do not come back. I love hotmail and the new changes will make me like it more.
      eargasm
    • Haven't missed any emails in years with Gmail, here. Maybe it's idiopathic?

      [b] [/b]
      AzuMao
  • Gmail all the Way.

    Unlike with Hotmail, I actually enjoy my HTML emails I get. I LIKE seeing the pictures my friends send me, without having to give consent FOR EVERY PHOTO to see a THUMBNAIL. Forget the actual picture, because then Windows would prompt me with it's file security crap. I prefer to see my email in a multitude of fonts and colors, without being asked to see anything more than PLAIN TEXT. I like the option of having IMAP and POP3 for offline viewing. I enjoy having a STABLE chat client built into the page without needed to install any other bloatware.

    I like that I can have my Gmail on my iPhone or my Mac's Mail without any hassles. Oh, and really? Google is so kind as to not fill my email experience with ads. When signing up for Hotmail, when is it made abruptly apparent that they'll be using your emails as advertising space for M$'s products? Oh, maybe it's in that infinite license agreement that absolutely no one reads.
    Ktroje
    • Not true.

      Microsoft's lawyers are all briefed on it for business reasons.
      AzuMao
  • RE: Hotmail's new security features vs Gmail's old security features

    I have Yahoo mail, Hotmail and Gmail. Yahoo and Hotmail are very cluttered with ads and Settings are slow to do. Gmail ticks the boxes for me. The only thing I dont like is the lack of Folders.
    bd1235
  • Hotmail security enhancements

    Add but another enlarged advertisement panel to cut into user's work space. Make sure it flashes.

    Done.
    klumper
  • One of Dancho's best pieces

    You were objective.
    Microsoft _is_ playing catch up.
    Good work. D
    Dietrich T. Schmitz, ~ Your Linux Advocate