Hotmail Limits Passwords to 16 Characters

Passwords, unfortunately, still are the main authentication mechanism on most Web sites, including all of the popular webmail services, such as Hotmail, Gmail and Yahoo Mail. Many sites encourage users to pick complex and long passwords, so it’s surprising to see that Microsoft now has limited Hotmail passwords to no more than 16 characters. Even more surprising, however, is that Hotmail will accept the first 16 characters of an existing, longer password, indicating that the company may have been storing users’ passwords in plaintext.

New P2P Zeus Variant Targets Popular Sites with Bogus Offers

Facebook, Gmail, Yahoo and Hotmail users should beware of rogue rebate offers and new secure payment options aimed at getting them to part with their debit card information.

Earlier this week Amit Klein, CTO of Trusteer, announced the discovery of a peer-to-peer variant of the Zeus platform that leverages trusted relationships and well-known brands to convince users to sign up for convenient services and better secure debit card transactions. On each site, the attack displays a little differently.

quaint seem the days when naïve hacker wannabes phished PayPal logons,
then posted them on IRC chat channels, to try to make a few bucks — but
mostly for bragging rights. That was circa 2002-2003.
Fast forward to the present. At this moment, Facebook is being blanketed by two high-volume email phishing campaigns.  Read the full story [Byron Acohido/Last Watchdog]

A researcher who examined 10,000 Hotmail, MSN and passwords that were recently exposed online has published an analysis of the list and found that “123456″ was the most commonly used password, appearing 64 times.  Read the full story [Kim Zetter/Wired Threat Level]  More from Dancho Danchev []

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.