Yesterday I wrote a blog about having my Hotmail account hijacked. In the event that you haven’t had a chance to read the article, it included this comment:
“Why Hotmail gives users the option to login from an unencrypted site, I’m not sure, but there is probably a reason”
… and today the reason was revealed.
This morning I attempted to log into my Hotmail account and the following page was displayed after I submitted my user name and password:
Of course, I selected the recommended option to “Always use HTTPS”. After making the selection, I was presented with another page:
As you can see, the default is set to “Don’t use HTTPS automatically and the reason is directly above, the Outlook Connector and other devices that we’ve come to rely on may not work as expected and will result in errors.
So there you have it, mystery solved, this is why Hotmail does not currently default to https.
I can imagine that some of you are wondering why Microsoft does not correct the issues so that Hotmail can default to HTTPS. Although I don’t know the exact reason, I suspect that like any software development company it generally comes down to time, resources, budget and priorities or some combination. I have every confidence that this is on Microsoft’s radar to address.
It is always nice to be in a position to deliver timely information but I don’t think I could have setup this course of events if I tried so I’ll tip my hat to the universe and send off my “Thank You”!