Select a language to translate this page!
Powered by Microsoft® Translator
As we shared alongside Google on September 24 of last year, online account hijacking continues to grow across all email services, regardless of provider. To help protect our Hotmail customers, we’ve introduced a number of new features and technologies to safeguard accounts, including new methods of proving ownership like single-use codes and trusted PCs, trusted senders in the inbox, full-session SSL encryption, and more. And at a broader level, Microsoft also continues to hunt down cyber-criminals and illegal botnets that generate billions of spam messages daily, and shut them down.
Most people know that banks and credit card companies monitor usage patterns for suspicious activity -- and many people have had their financial institutions briefly suspend their accounts and contact them to double-check account activity and ensure the rightful owner is still in charge.
At Hotmail, we also monitor for strange activity (like sending a lot of email that is reported as spam) and contact our customers if we see issues. And in our network of over 1 billion email accounts, unfortunately, a few customers run into this problem every day.
If this happens to you, here’s how you’ll know.
If you do find out that your account has been compromised, don’t worry. We’ll fix it. Below is a video showing the account recovery wizard and then another demonstrating how you can add proofs to your account to help prevent this in the future.
Most people should be able to recover their account in just a few minutes by answering a few questions or using their alternative email address or mobile phone. If you run into issues, we do have support agents online to help at https://www.windowslivehelp.com/PasswordReset.aspx. But it’s usually only a few minutes to recover your account yourself – so try that first before asking support to help.
Most often, the source of the compromise is a virus or malware that record keystrokes to steal passwords. Keep in mind that even if your PC is safe, your friend’s PC (or that PC at the hotel on a business trip) may not be.
The good news is that you can protect yourself! Be sure to update your virus software on your PCs (you can download free antivirus software at the Microsoft Security Essentials website), and when you use a PC that isn’t yours, consider logging in with a one-time code. For additional steps you should take to secure your account, please follow these steps from the Windows Live Hotmail Help Center.
When it comes to account security, Hotmail—and Microsoft—are dedicated to doing all we can to help protect your Hotmail account from thieves. While it’s fun and exciting to develop and launch new features that people on Hotmail love—like our integration with Office or Sweep—our number one priority is the security of your account.
Eric Doerr Group Program Manager, Windows Live ID
What about full session SSL for deltaync clients? Are you aware that both google and yahoo support encrypted IMAP? If you refuse to support IMAP, then at least add full SSL to your deltasync.
Does the "trusted PC" proof still require that the customer have Windows Live Essentials installed? If so, then why? Not every Hotmail customer wants/needs Windows Live Essentials, and requiring that product as a prerequisite can only result in some customers not using the "trusted PC" proof. If you have not already done so, then please find a way to implement the "trusted PC" feature without requiring your customers to install Windows Live Essentials.
Censored posts, ftw. Oh well, tired of this crappy email service and the Windows Live Team inability to consider even the most trivial cases where there are huge gaping holes in their security model. Back to Google, Back to Android, and off to get rid of this XBox. Call me up in about 5 years when you people finally get around to fixing the obvious issues. Bye.
I wish I would have seen this crap before I got this Windows Phone. Would have avoided it, as well as this XBox 360.
Once again I find myself 'seconding' a comment made by langware. :-) I don't want or need WLE, but I *could* benefit from the 'trusted PC' safeguard. I won't be using the latter until langware's suggestion is followed.
In the article above, you compared the security features of Hotmail to those used by credit card and financial institutions. These institutions often use the following security technique; I recommend that Hotmail do the same.
Allow the customer to specify a default IP address (or automatically determine that address from usage patterns). Then, if an attempt is made to access Hotmail from an IP address other than the default, require additional proof(s) from the person attempting to sign on (i.e., answer the user-defined security question, etc.).
You stated: "our number one priority is the security of your account". I'm sure you would agree that the above technique would be a simple, yet effective, way to significantly improve Hotmail's security. If security is your number one priority, then why not implement the above technique?
Better yet, would you all please *hire* langware ? He's got so many great comments/ideas posted on these blogs, he deserves to be on Windows' payroll ! :-)
@langware: forgive me for allowing myself to doubt the viability of your proposal, but so far as I'm aware the vast majority of (private) users have dynamically-assigned IP addresses from their ISP's address pool. So the IP address I have today might well be somebody else's tomorrow.
Hotmail are on the right track with the 'trusted PC' method of authenticating a user, and it could well be extended to apply to login as well. This doesn't help those who have to use public computers, though.
I understand that DHCP will result in ones IP address changing over time. However, many banks and financial institutions successfully use this technique. At times, when accessing my financial account (from my usual PC), I will be asked to answer one of my secret questions. This is likely caused by the DHCP lease on my IP address having expired, and a my cable modem assigned a new IP address. Once I successfully answer my secret question(s), I am given access my account (and the system remembers my new default IP address). Future sign in attempts do not result in my being prompted to answer the secret question ... until the lease on my DHCP assigned IP address again expires.
Is it a hassle to periodically be prompted with my secret question .... yes. Is that hassle worth the increased security on my account .... yes, yes, yes.
Microsoft could make this feature optional they felt customers would be bothered by having to periodically answer their secret question. Those who desire increased security (with the hassle of periodically answering their secret question) could enable the feature. Bottom line ... the financial institutions (and others) have already demonstrated the feasibility of using this common technique in an environment where customer's IP addresses periodically change. If Microsoft's number one priority is the security of our accounts, then they too can (and should) make this technique available as part of their security armor.
As far as Microsoft's "trusted PC" method ... I would gladly use it if it did not require the installation of Windows Live Essentials. However, I will not install Essentials just to use the "trusted PC" feature. There are probably one (or a few) DLLs from the Essentials installation needed to make "trusted PC" work. Microsoft needs to find a way to implement the "trusted PC" feature without the prerequisite of Essentials.
@ Langware: Thanks for the feedback. Here are some thoughts on your two points.
1) Trusted PC. Yes, this requires a browser helper object that is installed with Windows Live Essentials. Note that this is installed as a shared component so you don't have to install everything in the suite to get this. You are right that there are other ways to implement the concept of trusted PC (with various pros and cons). One of the nice things about our currently implementation is that client apps and web sites can share the trusted PC concept. Since the vast majority of our customers use Essentials, this is great for them. But I understand that's small solace for those of you who don't. We're looking at this (and other additions to make our service more secure)- stay tuned.
2) Being smart about IP. Yes, this is an increasingly common tactic used across the industry. We do a number of things with IP today to protect the service - forgive me if I don't go into detail but we don't want to make it any easier for the bad guys to attack the system. There are many other things we can and will do over time to add more protection and more tools for our customers. Again - this is an area we are very active, but not quite ready to talk about what's next.
Thanks again for the feedback.
Thanks for your response.
>forgive me if I don't go into detail but we don't want to make it any easier for the bad guys to attack the system.
>We're looking at this [removing trusted PC's requirement for Essentials] (and other additions to make our service more secure)- stay tuned.
>Again - this [recognizing user's IP] is an area we are very active, but not quite ready to talk about what's next.
Looking forward to seeing some results in the near future.
Brilliant! I didn't know that if you had your account blocked you could get it back as easily, or that if you set your password to expire and you forgot to change it you were prompted! A little question:
- What happens if the people in your account REMOVE all the safety options you have set up before you re-gain control of your account?
Thanks for making Hotmail really secure.
HI - firstly im sorry if i have the wrong forum/post or whatever.....
I am deep upset with windows live to the point in ripping my hair out.
It was my birthday on the 23rd FEB 2011, since 12am that day my hotmail account has been blocked, for no reason?
I have contact the LIVE mod's and they are so UNHELPFUL.
I created my account with i was 16 years of age, that 12 years ago. To unblock my account i have to verify ownership to the account. Ok, no problem. You follow the link to recover your account ,and it comes to a page where it asks your Secret question. no problem. Here you enter your Answer ( what you believe to be true) - then it send your password to a inactive hotmail account. - when you try and explain to the MODs, why you cant recover the pass word form a inactive account, then tell you to restart the whole process again. I have done this about 8 times now.
Its really important i get my account back as i have all my WEDDING DETAILS/ CONTACTS in there....and the wedding is only a few weeks away. MOD'S dont understand the problem and have marked my posts as "resolved" - however I'm still without my account. - how can it be resolved?
What do i do?
This is unrelated to this post but it is a problem you should take to heart since your job is Group Program Manager with the Windows Live ID Single-Sign On (SSO) system. Over the past month, I've learned a great deal about the Windows Live SSO system. You have multiple problems with Windows Live IDs that I very conservatively estimate causes 1.1 million users to experience failures of the SSO system across the entire Microsoft network annually. This negatively impacts Microsoft's image and bottom-line. By "failures", I'm referring to account lockouts, page load failures where transfer to or from the SSO server cluster fails, Live ID signup verification infinite loops, and numerous other issues. I've calculated, based on the rates of complaints in your own online forums, that your support team receives about 27 complaints an hour, about half of which are SSO related. The industry standard measure is that only 10% of users will report a problem, so you are looking at a minimum of 130 users experiencing significant SSO failures per hour. However, that estimate is probably a fraction of the actual number because anyone looking for real human help with a problem gets sent in circles on the Windows Live Help website. I suspect that particular action was taken because those people were formerly inundating the forums for help. Now only a fraction of the users figure out how to reach the forums and the rest give up. So the actual percentage of those finding a way to post a message to the Windows Live ID forums is probably closer to 2%. That becomes 650 users per hour or 5.6 million users annually. This is a serious issue when 1.1 to 5.6 million registered users are having problems annually with a key Microsoft system. The Windows Live ID forums should be very quiet in terms of the SSO system, but they are not.
Now to my own issue. I can't seem to find anyone who can help me and it has to do with the interactions between the Microsoft Store and the Windows Live ID SSO system. I went to purchase an expensive product through the Microsoft Store and the transaction successfully entered the Pending phase (hold) but then later failed the actual Authorization phase. When this happened, my Windows Live ID, which had an e-mail address identical to the e-mail address used for the purchase, was suddenly and inexplicably inaccessible. I'm unable to reset the password because the Windows Live ID system says the account does not exist. I'm unable to login because the system says the account does not exist. But when I go to attempt to "recreate" the account, it says the e-mail address is already in use. I've written a few login systems myself and this behavior is identical to how a "permanently locked account" is set up. My Windows Live ID is associated with several Microsoft services that help me run my business smoothly and I'd like my access to be restored. The account has been inaccessible for about a month now.
From my communication with Microsoft Store support, the Microsoft Store allows for any e-mail address to be entered during the purchase process and then creates a Windows Live ID with a temporary password if an account does not already exist. My educated guess is what happens in the event of a purchase failure similar to mine is that the Store requests any associated Windows Live ID to be either locked or deleted with the (false) assumption that the account was created earlier by the Microsoft Store software. This is a security vulnerability in the Store and Windows Live ID system that no one at Microsoft is taking seriously. A "hacker" with stolen credit cards could, for instance, lock out any Windows Live ID account using this method. It is difficult, sure, but hackers view great challenges as a way to achieve great fame. At the very least, legitimate customers are being locked out from Windows Live ID via the Microsoft Store.
No one seems to be capable of helping me. I've reached out to Microsoft Store support, Windows Live ID support, the Microsoft Security Response Center, and the general Microsoft online forums. No one seems to be trained to handle this scenario. I've tried to be polite and courteous but I've probably failed somewhat in that regard during this process - but it has been a month long adventure. I'm an incredibly patient person since, if one avenue doesn't work, I'll try another and another and another. As you can see, I've tried every avenue of attempting to get this security vulnerability fixed and my account restored before reaching out to a Program Manager such as yourself.
Please contact me off-blog so I can provide any additional details you might need such as the real e-mail address associated with the Windows Live ID in question and whatever other information could be useful.
My Hotmail account was hacked last week and I feel like I've entered into another world, not somewhere I'm keen to be. The hacker is living in my house and has written to all my friends and locked me out.
I'd like to know for sure that the account is frozen while the recovery process is underway.
I am posting here in the hope that langware (the still small voice of reason and calm in the midst of all this chaos) might come across this and be able to clarify a couple of things. Any other assistance would be much appreciated.
I have logged the details of my hi-jacked account in the Private Forum along with all my details. I am waiting for a response.
Am I right in thinking that because I only have a temp ID I'm unable to post in the Community Forums? (I don't want to open another Hotmail account just to gain access, nor do I want to close my current request for a password reset.)
I've entered as much info as possible to substantiate my claim. But if I'm not certain of the answer, for example start date of account could've been 2005 or 2006, should I leave this section blank? Or submit one entry that might fail and then submit another with the alternative year?
And when I do regain control over the account and want to close it, where can I find out more about how to stop the hacker regaining control? I don't think that I'll be able to use the alternative proofs because I don't have Windows Live Essentials. The hacker probably has.
And when I've sorted this all out is there a way for Tyler Tiptoe to tiptoe his way out of this forum.
Sorry if this post is in the completely wrong area. The one I wanted to use offered no opportunity to Post Feedback.
@controlz - If bad guys get into your account and make changes to your information we keep the old data around for a while. If you can get back into your account using your password, you can change this data back easily (and then change your password). In the worst case if you have lost access to your account our support engineers can use the original information to help validate that you are you and help you regain control.
@chilledcoffee - I sent you a friend request so we can talk offline. I'd like to dig into your situation with the Store and see what's going on. I'd also like to chat about the SSO issues you're seeing.
@nm230283 - I'm sorry to hear about your problems and that you've had to engage with support several times without success. I'd like to talk directly with you to see if we can help you out. I tried to send you a friend request on this site so we can talk offline, but it looks like your account is not configured to allow requests. Can you send me a request please so I can help?
@Tyler Tiptoe - You did the right thing by submitting the form to support. In general you should answer as many questions as you can - and if you can't remember between 2 answers it's better to list both. For example - if you think that the account was opened in 2005 or 2006, say that. It can sometimes take support up to 24 hours to investigate and contact you about recovering the account. If it's been longer than that then let's talk offline and I can see about helping you.
Thanks for the vote of confidence. Eric has responded to your post. He suggests waiting 24 hours to see if Hotmail support will resolve this problem for you. If you have not regained access to your account in 24 hours, then post back here and ask Eric to contact you offline.
Regarding closing your account (after you regain control). Be prepared for more frustration. Based upon posts I have seen (in the Hotmail forum), if your mobile device has a MSN account, or if you have any billing accounts open with Microsoft, then Hotmail support will tell you that it is your responsibility to get these other accounts closed before they will close your Hotmail account. You may not even be aware that you have these other accounts.
I find it ludicrous that Microsoft tells their customers that they must first contact some other company (their mobile carrier) before their Microsoft account can be closed. My guess is that the back end systems (between Microsoft and their business partners) are not linked .... and rather than providing a single point of contact that takes responsibility for getting all associated accounts closed, Microsoft makes it the customer's problem (to get all other associated accounts closed before the Hotmail account will be closed). The closure process needs fixing.
I completely understand the security issues involved in verifying account ownership, but asking a customer to wait 24 hours (while being without their email) is a long time .... think about the information you would miss if your email account was unavailable to you for 24 hours.
But 24 hours is just the least amount of time the customer must wait. See this thread ... written by a customer who has been waiting since last August (not an exaggeration) to regain control of his account ...
... someone needs to contact this customer offline and help him regain access to his account.
Not sure how useful this will be. I am considering moving to Hotmail from Gmail basically because of better Outlook support. Unfortunately like mainensign says, DeltaSync isn't secure yet. That means I can't turn on full SSL permanently on the web-mail either. So it really becomes useless. To summarize:
- Wants to move to Hotmail for Outlook
- That means no full-session SSL
- Beats the purpose
You guys own Exchange ActiveSync. Your competitors have to pay you for that. But you also bear the burden of developing DeltaSync - which doesn't support secure connections. And DeltaSync supports pretty much all what EAS does except for notes and tasks (right?) And those features are widely requested - at least tasks - so you will eventually be implementing it for DeltaSync (of course, assuming consumer interest is taken seriously). So in the end you will end up developing two EAS effectively , so to say. To summarize:
- Under consumer DeltaSync needs to evolve into almost everything ActiveSync
- Effectively you will have to EAS systems to maintain eventually.
- You guys don't need to pay anything to implement EAS anyway.
Why doesn't Hotmail support EAS for the desktop or Outlook?
But you can use IMAP (or POP3) with GMail and Outlook.
What is the better support you are looking for here?
The Calendar integration? you can also do that (just separately, go to Google Calendar-->Settings and you will see), Outlook has support for "Internet Calendars".
What is missing for you?
@phistuck: Contacts are missing.
@phistuck: Also there are issues with the Sent Mail folder. (You shouldn't store your sent messages in [Gmail]/Sent because Gmail does that for you when you use their SMTP server.)
Sorry for two separate posts.
@phistuck: To continue from my last post; so Outlook doesn't know which folder is my Sent Mail folder and cannot indicate so. Does not break anything but it's something that I dislike to the point that I can't get myself to use Outlook for Gmail. Maybe I'm missing something?
(Damn! I'm so used to the edit option after posting! I'll try keep that in mind. Sorry now for three separate posts.)
I do not know enough to help you with the contacts, but it makes sense to me that there is a solution for it, you just have to find it.
Regarding the Sent Items issue, I think Outlook has some settings within the IMAP configuration, in which you can set the Sent Items folder to the right know and set the base string ("[Gmail]") for the folders. I am not entirely sure that it actually solves your issue, but I think it might.
Also, since GMail saves your sent messages automatically, you can simply configure Outlook not to save the sent messages - your messages should be saved regardless.
Additionally, you can just use the POP3 option and just get all of your e-mails stored in your computer. Note that you can configure GMail to let you download (with POP3, that is) all of the messages (sent and received) that are currently stored within your account, from the beginning, at any time.
Its great that accounts are protected but it is a nightmare to get you account unblocked
I have send 7 threads on the MSN solution site, 3 validations reset my password at least 5 times now and my account is still blocked 6 days later.
I have add this email address for 8 years and can not believe what is happening.
I seem to be going round and round in circles and not getting my account sorted its a nightmare when I have customers emailing me and I can not reply
Unlike Microsoft I believe in good customer service
POP is not sync.
Third-party solutions are discouraged by Google and generally don't work always. www.google.com/.../answer.py
No Contacts sync.
Best option for Google and Outlook is Google Apps Sync for paid users. I'll have to shell out $50/year for that. For sync. Not interested unless I want that 25GB space. Which is doesn't seem to be in the near future.
If I tell Outlook what is the Sent Mail folder it insists on saving my sent mail there. Which will result in duplicate copies because Google will auto-save them there again. If I tell Outlook to not save my sent mail then I'm not sure how to tell Outlook which is my Sent Mail folder. Basically, I can't do both - tell Outlook this is my Sent Mail folder AND not to save mail there. Again, I may be missing something.
@ Eric Doerr
Thank you for your response. I have now regained control of my Hotmail account BUT the hacker's email address (a Hotmail one) is still listed on my Account Overview page. Although I have added my email address to this page it appears that any attempt to delete his address would result in an email being sent to him as well as me! So, for now, I've left his address but would like to see it gone.
If you would welcome some constructive feedback from someone who has spent several days in the 'compromised account recovery process' then I'll connect up with you as a 'friend'. From a customer's perspective I have a few ideas that would help avoid some of the misery that compromised accounts causes.
Persist in your attempts to recover your account. When I lost control of my account I felt I had little chance of recovering it. There seemed to be so many people who got nowhere despite such a lot of effort. But I found a story of someone who'd been persistent, regained their account and encouraged others to do the same.
One final thank you. Your posts in this blog also helped me immeasurably.
After reading the article and looking into this a bit more, I have a couple thoughts on the topic to consider.
BHOs generally destabilize the browser and, unfortunately, have a rather lengthy history of being insecure and significantly slowing down the browser.
Password-based logins are the weakest link in account security these days.
Account security could be vastly improved with a PKI solution. StartSSL (StartCom, Ltd.) has figured out a way to do passwordless logins. They also have figured out how to automatically install client SSL certificates into the web browser's certificate store. Even with their impressive automated solution, it still takes a little effort to set up PKI properly but they're onto the right idea.
If Microsoft were to implement something similar, it should be an optional feature of a Live ID. You could call it "single-click login" or something like that. Implementing such a feature would allow users to completely disable the password-based login for their Live ID and use SSL client certificates instead. Plus, SSL client certificate support is found in every browser, on every platform, and in every cryptography toolkit. Microsoft also has a CA in the browser root certificate store in most/all browsers that can sign client certs, which is half the battle. Probably not what that CA certificate was likely created for, so someone internally is likely to grumble and complain about (ab)using it that way.
Or perhaps combine the SSL cert with a backup password login. That way, if the client SSL cert expires, the account accepts the password login until another SSL cert is set up.
This approach would work for multiple browsers and platforms and not require any special software to be installed.
I do not see commitment from the the so called Windows Live Solution Center in solving the hotmail issues. My hotmail accounts was blocked until now for unusual activities in which my friends never mention receiving any spam from my email account.
"it’s usually only a few minutes to recover your account yourself – so try that first before asking support to help." quote from your blog.
It's been 3 days for me, I think others been 6 months.
I think you need to rephrase this.
LOVE this breezy video leading all and sundry down the garden path to unblocking their hotmail. My day? Woke up to the news that my biblically-old hotmail account (which I have been warned by soooo many people not to rely on) had been blocked. Retrieve code? Impossible because the email on record on the dropdown was long expired and I had no way of updating. No worry. I navigated through ridiculous options and links to get myself a PIN and the assurance I'd be diverted to a private forum. Problem? When I punched in my PIN I was greeted by a giant red X and a notice it wasn't found. Wha the fuh?? I at least found an auto-reply that I had a 24 hour retrieval window and if I had proven myself worthy, I'd have my password reset on the GMAIL address I had provided. If not, I'd be notified on the private forum. Problem? The link to my exclusive private window led me back to the same generic Windows Live Help window I was greeted with when I first embarked on my adventure. Only now I was hobbled by my temp. auth. which made all attempts to actually hunt and gather any help impossible because I was, essentially, a tourist . I retried this retrieval process three times. No PIN, no private forum. Just the same auto-reply to my gmail account and the caveat not to respond to the email, as it would only get bounced to an unmonitored mailbox. STUPIDLY a legal case I have been working on for 2 1/2 years is on this account. i HAVE BEEN HERE ALL DAY TRYING TO CRACK THIS CODE AND I'M AGING EXPONENTIALLY. ERIC DOER PLEASE RESPOND.
Hi Eric i live in LA but im in south america right now for work, i have problems with my hotmail account and i have a lot information in my email that i need ASAP ...i dont know how can i contact with u directly...please help me!
MY HOTMAIL ACCOUNT IS RESTORED. Followup to my post above - third time was a charm. My best non-technical advice after surviving the trenches and the sheer cold clutch of panic that is the thought an email account might be gone forever? The third time that I filled out that retrieval form I wrote down 1) that the PIN didn't work, 2) nor the private chat. I wrote as many subject lines as I could remember and as many email addresses. I left them no doubt as to who I was. But I think the most important thing anyone can do is to go straight past the reset password and code retrievals options and forums to the retrieval form and write down that you have tried everything and can only communicate through the secondary email provided. Write your PIN is useless (but keep it on record) and private chat doesn't work. Less than 24 hours to restore and I must say I AM RELIEVED. Now if I can figure out what happened to cause this in the first place. Good luck all.
I have the same Kafkasque experience as nadineb who found a solution. she adivsed, "go straight past the reset password and code retrievals options and forums to the retrieval form." How is that accomplished. How to do that How to get to the retrieval form? Can anyone advise me?
@levinbob: after you fail the hurdles that are the password reset and code retrieval you are faced with the "Live help" link to be pressed only and if only everything else failed. It is through this link that you fill out all the information necessary to 1) get a PIN that doesn't work (which is your key to the private forum which is actually a door back onto the "street") SO... in the box provided convince the windows staff that you are indeed who you say you are and advise that you can only converse via the alternate email that actually works. As for me - I am still awaiting a reply to my question: how to breezily "change the prrofs" to ensure this doesn't happen again. In fact, I used the term Kafkaesque to describe trying to remove a dead obsolete email, add an active email and mobile number, only to be told that all confirmation has been sent to the dead address and changes can only occur by accessing it. If I get blocked again, I am just as F***ed as I was yesterday...
@choy, @carlag, @levinbob I sent you friend requests to talk with you offline about your efforts to work through the account recovery process. I'm sorry to hear that you're struggling through the validation experience. If you still need assistance, please respond to my request and we can investigate your cases further.
@nadineb I'm glad to hear that you were able to recover your account. We've exchanged some emails. Let me know if you still need assistance to secure your account.
When submitting a Windows Live validation request to the Windows Live Solution Center, the process will present a PIN. It is important to note the PIN. An email with a url link to the request will be sent to the alternate email address that was provided in the request. The PIN is unique to the url link. The PIN should be active for 30 days. If you submit a second validation request, you’ll receive a PIN that is unique to the second request. If other folks are experiencing a problem with a specific PIN and url link combination, please contact me privately as well and we can investigate further. Thanks.
@ Eric Doerr
I've been blocked....for a week.... You are the first glimpse of hope I've seen yet. Is there any way you can help me. I won't bore you with the details here.... but I've gone through all of the steps for recovery a few times. I have been given a couple of PINs.... but no response. I"m desperate as I'm in Europe and have to travel this week but my info is blocked.
Another one here who's been blocked....for a 2weeks.... I agree that you are the first glimpse of hope!! Can you help me as well? .. I've gone through all of the steps for recovery a few times. I have been given a couple of PINs.... but no response. I"m also desperate as I've had my hotmail account for over 10 years and have alot of work/personal info in there. Please reply...
I am another one that has been blocked for the last 2 week (not few minutes) I've tried to recover my account, I've answered questions, give al alternative email, gotten pin number to access the process a couple of times and nothing have worked. so far I have not been able to get my account back. I don't know what else to do. I have very important mails I urgently need to read and answer, from my work.
I need help!!!!
I am sorry but I have to say the solutions provide above are as the Scots say "a big pile of pish".
My Hotmail account was hacked and it took me a month to get it back. The hackers changed the alternate email address and phone number so this was useless. What is even more infuriating is that now that I have got my account back I cannot remove their email address and phone number without alerting them to the fact that this is happening. Every time I try to remove it says it will send an email to that address to confirm. I then marked the email address and phone number as Lost and have been waiting for almost a month and this still has not been removed from my account. What a joke!!
The account recovery process was a complete nightmare. I went through it twice and was validated as the owner of the account on the 2nd attempt. I believe the only reason I got it back was that I provided the exact Subject lines of emails. Providing my list of contacts was a waste of time because this was wiped when I gained access. A lot of stuff used to validate the account has already been wiped by the hacker.
Now to the most infuriating bit of all this total fiasco. I was told I was validated and an email sent to my alternate email address. Days passed and no email. I kept posting in the private forum but I there was no reply. I checked the public forums and could see people had posted on there - so I did that only to be told to post in the private forum - which I had done over 10 times only to be ignored. Eventually I got a reply on the public forum and was sent the password reset link.
Here is the biggest joke of all when I finally got into my account I found the Windows Live Team had been sending the password reset link to my hacked account!!! It looked as if when I chased it in the private forum they resent the link - even though I had posted at least 10 times on the private forum that I had not received the link and posted the email address I wanted the link sent to - they persisted in sending it to the hacked account.
If Microsoft value our privacy so highly why can I not remove the hackers email address and phone number without sending them an email? When I received the password reset link and went through the process - it asked me to set an alternate email address - which I did but when I got into the account it was still the hackers details. It is known my account was hacked - I was told there was suspicious activity on the account - I have been validated as the owner and sent a password reset link - why can I not remove the hackers details? I read on a forum that it takes a month for their information to be removed. This is ridiculous - as long as it is on there they could potentially gain access again.
By the way I forgot to say I have had the account for over 12 years and had a very secure password and rarely used public access computers. I can fully understand why they want to make it difficult to change the alternate email address and remove the phone number - but if an account has been hacked and this is known you should be able to remove the hackers details. So I have downloaded all the mail from the account and wiped the inbox and as soon as the hackers details are removed I am going to post this whole sorry fiasco on my blog and never use Hotmail again.
I am yet another person who has been blocked from my account.
Like many of the others who have posted on here I created my account a LONG time ago and at the beginning of the process the email it claims it is sending a code to doesn't exist. I didn't remember ever making that email but I tried to log in anyways but was unsuccessful and in trying to retrieve the password for that account I was informed that it was not in fact an account.
I am in university and my email is how I contact my family, university, and classmates for group assignments. Having my email is crucial and I have answered in EXTREME detail information about my account yet still nothing.
i had a email that i use for my university work and family which has been blocked. it says i must type a code which they will send to my alternate email to verify the account. when i write the code i am transferred to a page where i have to put the old password and my new one. After i do that and click next, it says sorry there has been a problem we're sorry for any inconvenience and thats it, it repeats the process over and over.