I am so grateful I left Windows and move to Linux.
Best decision of my life… After initial set up, it works better than microshit whore OS. You pay but it does not love you.
Outlook has nothing to do with the OS though? You can get the same Outlook app on MacOS too.
| Creates account with service provider
| Surprised when megically, service provider has password
I don’t get it.
Service providers aren’t actually supposed to know your password. Passwords should always be sent after hashing on client side. Only the hashes are matched on server side.
Edit: Not accurate, read replies.
nope hashing is usually done server-side.
also counter-intuitively server-side hashing is considered more secure than client side (in case of client side hashing hash becomes the password)
I’m not an expert in this, and I did look around after reading your comment. Looks like the password is usually sent as-is, then hashed server side, and matched against hashes in the database. So, the hashes are what’s stored in their database. So, ideally, the server shouldn’t know your password. Also, it can be hashed from client side too, but that becomes redundant since everything is tls encrypted anyway.
What a clickbaity article. I’m all for exposing bad stuff but this article presents zero proof of it transferring passwords. It also fails to highlight the manner of how data voluntarily synced to MS is handled. All in all it doesn’t do anything but trying to steer users to it’s own services.
It is very easy to find other sources making the same claim, such as this one which includes an image of allegedly posted json including passwords.
Nice timing. I don’t see how warning you that your email passwords will be kept remotely by Microsoft would be “redundant.” Many people will assume from that message that it would only send them all your mail, and the even more carelessly optimistic among us might guess that it would be end-to-end encrypted as it obviously should be.
So reading another article (https://www.heise.de/news/Microsoft-lays-hands-on-login-data-Beware-of-the-new-Outlook-9358925.html )makes it more clear. If you consent to syncing IMAP account to outlook then it will transfer IMAP username password and mailserver config to Outlook.
I mean, they could have specified that your IMAP credentials would be synced, but it’s redundant considering you’re telling it to sync.
I know, right? Jesus I hate bullshit tech “reporting” like this. This particular comment just smacks of outrage “journalism”:
Microsoft gets full access to mails, calendars and contacts!
The old outlook was just perfect, the new one is positively abhorrent. I swear if they force one more app to me I’m going to purposefully stop using it altogether
I don’t see how this is any different from adding another e-mail account on gmail.
The program it replaced didn’t do this, hence the surprise. You could be using the old program, and one day windows update it with this new program, and suddenly your passwords are uploaded to Microsoft cloud service when you launched it. People would similarly surprised if K-9 mail upcoming replacement, Thunderbird mobile, suddenly store your password in the cloud.
Why is someone using Outlook to sync a different email address?
Why not keep the apps separate? Or use the Mail app built into Windows?
Seriously, someone explain the use case here because I don’t understand. If you’re using an outlook account, MS already has all that stuff. And if you don’t have an Outlook account, why are you using Outlook?
Or use the Mail app built into Windows?
So the gist is the default mail app is being “upgraded” by Microsoft to Outlook for Windows app, so your account credentials previously stored in the mail app now got uploaded into the cloud.
