OT MSN password changes spontaneously?

[John Doe]

These are the only real possibilities, right?
I forgot having changed the password between yesterday and today.
Someone hijacked my account.
Microsoft's servers got messed up.

A major overhaul was done to my Firefox profile, but MSN/Hotmail/Live
apparently doesn't allow saving the password anyway, so I always use
a script to sign in. Whether they do or not, point is, it's always
entered by a script. How could it would have to do with my Firefox
profile? Unless maybe Microsoft rejects certain location changes.
Sometimes I do use a VPN now. But the problem was stated to be an
incorrect password.

Thanks.

 

[Paul]

These are the only real possibilities, right?
I forgot having changed the password between yesterday and today.
Someone hijacked my account.
Microsoft's servers got messed up.

A major overhaul was done to my Firefox profile, but MSN/Hotmail/Live
apparently doesn't allow saving the password anyway, so I always use
a script to sign in. Whether they do or not, point is, it's always
entered by a script. How could it would have to do with my Firefox
profile? Unless maybe Microsoft rejects certain location changes.
Sometimes I do use a VPN now. But the problem was stated to be an
incorrect password.

Thanks.

Do you have Java installed ?

Did you visit Yahoo at all in the last few days ?

There is an exploit going around, that affected a couple million people.

Java is not installed here (at least, not at the moment).

Paul

 

[...winston‫]

These are the only real possibilities, right?
I forgot having changed the password between yesterday and today.
Someone hijacked my account.
Microsoft's servers got messed up.

A major overhaul was done to my Firefox profile, but MSN/Hotmail/Live
apparently doesn't allow saving the password anyway, so I always use
a script to sign in. Whether they do or not, point is, it's always
entered by a script. How could it would have to do with my Firefox
profile? Unless maybe Microsoft rejects certain location changes.
Sometimes I do use a VPN now. But the problem was stated to be an
incorrect password.

Thanks.

MSFT does not change anyone's password spontaneously.

Max password length is 16 characters for all Outlook.com, Live.com,
MSn.com, and Hotmail.com, and 3rd party email addresses used as a
Microsoft Accounts.

A longer password can be entered but only the first 16 will be used for
signon.

A variety of security proofs are in place on the backend server during
signon validation though not all have been made public. 'Location
checking' using some form of comparison algorithm has been suspected for
some time and most likely in place for at least a few years. i.e. if
the normal location is one place and a password signon or change request
appears from another location (e.g. New York and then from Moldavia or
different time zones) additional security related actions may be
necessary - request to validate the account by using a code to alternate
email, sms text, captcha character entry. Those additional requests can
be issues with or without the account having been configured for 2-Step
verification.
http://windows.microsoft.com/en-us/windows/two-step-verification-faq

http://winsupersite.com/cloud/enable-and-use-two-step-authentication-your-microsoft-account

All MSFT accounts should take advantage of the multiple security proofs
- alternate email, phone number, secret Question, Trusted PC, Recovery
code, and two step verification.