Skip to main content

Hotmail Phishing Attack Shows Dangers Of One-Password Scheme

If there's two things that the discovery of tens of thousands of compromised email accounts showed us is that phishing is unfortunately common and that having one password that gives access to a number of services is nothing short of perilous.

All of the big three big internet companies - Microsoft, Yahoo and Google - have created competing single sign-on services that allow users to log in to many websites using one account.

Microsoft's Windows Live ID (formerly known as Passport) controls your MSN Live Messenger, Hotmail as well as dozens of other Microsoft-based services. Ebay, Monster and others were part of the network but later left the Passport Network.

The company is also looking into becoming an openID provider, promising to its users that they would be able to use their Windows Live ID account to sign in any OpenID website including Plaxo or Twitter for example.

Yahoo has already established a working relationship with Open ID and has already linked its Yahoo ID system to the popular third party open technology standard.

Google goes even further and links your search history, your blogging account (if you have one on blogger), your credit card details (on Google Checkout), your documents, adwords account and fairly soon, your phone numbers.

Furthermore, more often than not, you will be able to access the same account from different computers without the service providers flagging it up to the users. For example, your Gmail account can be left opened on your home computer and your work computer at the same time.

This makes the detection of any potential email hack very difficult, given the fact that criminals are likely to make sure that they cover their tracks in order to avoid being found out.

Our Comments

Using one password for many services is an unfortunate result of the rising number of websites that requests that you sign up with them. To some extent, browsers that save your password automatically is a boon but even this can be a cause of trouble.

Related Links

Change Your Gmail, Yahoo, AOL Passwords Now!


Over 30,000 email accounts compromised in industry-wide phishing scheme


20,000 Hotmail passwords exposed


Gmail, AOL and Yahoo email logins posted online in phishing scam


Thousands of Hotmail passwords leaked online


Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.