Outlook.com Will Beat Gmail in Security, Pledges Microsoft

Microsoft and Google have a history of squabbling. The two have tangled over poaching employees, government contracts, search and, of course, patents.

So it could be more than coincidence that Redmond should be beating its chest about security on its Hotmail webmail replacement, Outlook.com, during the same week that Gmail played a prominent role in a highly publicized hacker attack on a tech journalist’s online accounts.

Although Gmail’s role in the elaborate sacking of Mat Honan’s online life would have been a non-starter if the Gizmodo reporter had activated the service’s two-factor authentication for his account, Microsoft didn’t turn its back on the opportunity to tweak Google about its webmail offering.

To Microsoft, it is easy to understand why Honan hadn’t activated Gmail’s two-factor authentication. Many Gmail users find the security feature cumbersome, Microsoft contends. Google isn’t saying how many of its users have activated the security feature, but a Microsoft spokesperson glibly estimated to Peter Pachal, of Mashable, that the number was one percent.

With Gmail two-factor authentication, a subscriber links a phone number to their account. A mobile phone number is recommended. Then, whenever the subscriber types in their password when logging into their account, a pass code is sent to them as a text or voice message. That code must be entered before the account can be accessed.

Microsoft argues that the Gmail process is inconvenient to users, which is why many of them don’t activate it. It’s looking into “strong” security for Outlook.com, it said, but strong security that won’t discourage subscribers from using it by being awkward to use.

Among the security features included in the initial version of Outlook.com—it’s currently in “preview”—are strong passwords and one-time codes.

Passwords for Outlook must include capital letters and non-alpha characters. One-time codes allow a subscriber to receive a code on their cell phone by which they can access their account without their password. The code only works once so the subscriber doesn’t have to worry about it falling into the wrong hands as they would with a conventional password.

According to the Microsoft spokesperson, the company is “putting a lot of investment and R&D” into making Outlook.com secure and user friendly.

As well as security, privacy can be an issue with webmail programs. Some settings in Outlook.com can be customized to improve a subscriber’s privacy. For example, you may want to turn off the web app’s active view because it performs functions automatically—responding to LinkedIn invitations, for instance—that you’d rather perform manually.

Displaying attachments, links and pictures can also be controlled through settings. So you might want to limit the display of such items to senders you’ve defined as “safe.” The default setting is less restrictive.

If you don’t want old emails to come back to haunt you, you’ll want to tinker with the deletion features in Outline.com. As with most email programs, deleted messages go to a trash bin, where they can be recovered if you change your mind about disposing them.

However, even after emptying the web app’s trash, messages can be recovered in online Outlook. To prevent that from happening, you need to change the default setting for deleted messages to “Don’t let me recover deleted messages.”

Microsoft and Google’s differences aside, both companies are making strides to keep their webmail services secure for their users.

Written by John P Mello Jr

John Mello is a freelance writer who has written about business and technical subjects for more than 25 years. He is frequent contributor to the ECT News Network and his work has appeared in a number of periodicals, including Byte magazine, PC World, Computerworld, CIO magazine and the Boston Globe


  1. Vlad Ivanov · August 22, 2012

    If one of them – i.e. Google or Microsoft thinks of a good and easy to use way to protect users’ privacy, you can bet the other will implement it too in no time at all. This is good for users and for the industry as a whole, so let them compete and see what they will come with.

  2. Sarah Campbell · August 28, 2012

    I agree with you, Vlad. Honestly I have been using Gmail for many years, and I have no complaints over its security features. In fact, I love them, and I certainly do not mind the small inconvenience. Checking the code in your phone and inputting it does not take up the whole day, if you get what I mean. I am thankful Gmail came since it is a good alternative to weak Yahoomail and dead Hotmail (which interestingly is from Microsoft). I am excited to use Outlook, though, and see for myself how more powerful or better its security features are.

  3. David Parker · August 28, 2012

    Okay, this sounds arrogant considering that, what @Sarah said, Hotmail was a total failure as far as security is concerned. Because the problem was so worse they eventually decided to kill Hotmail. Worse, I’ve heard some news that Microsoft is one of the biggest, if not the number 1, spammers in the country. Imagine that. So I wouldn’t put my hopes up on these claims yet until I can see some proof. That would mean creating my own account, which I’ll do, but I’ll be very cautious about it because the last thing I want to happen is Hotmail all over again.

  4. Arnold Bless · August 30, 2012

    Hmm, I have been using Gmail for more than 3 years now, and I don’t have any issues with it. Outlook, on the other hand, is a different matter. Despite its fight against anti-spam, I still receive them—lots of them. So I am not too keen about using its online version, more so believe its claim. Yes, I have heard the news about the biggest spammer in the world, which is (cough, cough), Microsoft. Microsoft, I don’t know what to say anymore. This spam thing that you’ve been fighting so hard for many years could just be your downfall.

Leave A Reply