I received this e-mail. It looked legit, but I never asked to reset my password. Do you think it's for real?


You recently asked to reset your Microsoft Passport Network password by e-mail.
Follow the instructions below to reset your password, or to cancel your password
reset request.

TO RESET YOUR PASSWORD:

1. Select and copy the following Internet address.

https://accountservices.msn.com/EmailPage.srf?emai...

2. Open a browser, paste the link in the address bar, then press Enter or Return
on your keyboard.

IF YOU DID NOT REQUEST TO RESET YOUR PASSWORD:

1. Select and copy the following Internet address.

https://accountservices.msn.com/EmailPage.srf?emailid=82cba328c2499e8...

2. Open a browser, paste the link in the address bar, then press Enter or Return
on your keyboard.

Thank you,

Microsoft Passport Network Customer Support

NOTE:
Please do not reply to this message, which was sent from an unmonitored e-mail
address. Mail sent to this address cannot be answered.

Hi, I don't know for sure if the mail is authentic - my guess is that it is. If it is authentic, then it sounds to me like someone may have tried to hack your MSN account and take control of it. I'm afraid this is very common - happened to me - but as long as your secret question is secure and unguessable, you should be ok.

What happens is, I think, a hacker pretends to be you and claims to have lost the password (to your account). MSN gives you the option of setting a new password after you have proved your identity by answering your secret question - hackers go this route to try and find easily guessable secret questions. Or, MSN will resend your password to your Hotmail account (I can't see how this helps, but maybe I have misunderstood the process).

It seems that in your case, someone has activated this second option. Of course, it may have happenend innocently, if you use a shared computer.

As a safety measure, check your secret question and tighten it if necessary, and change your password (preferably to something cryptic containing letters and numbers that you can remember).

On the subject of "secret" questions, it's sometimes a good idea to create a "memorable lie" over using the truth. As an example, the one commonly used by banks and credit card companies and sometimes offered as one of the "default" secret questions, "What is your mothers maiden name?" can be extremely insecure due to the numbers of websites that aid in tracing your family trees. Personally, I'd answer such questions with something that is memorable, but completely untrue, such as "Beeblebrox" (at least, it's memorable to Douglas Adams fans )--it greatly reduces the chances of your being "engineered"...

Absolutely right Craggle - good advice!

When my Hotmail account was hacked through my easily guessable secret question ('favourite football team'), I left the question as it is and provided a 'cryptic' answer: about 15 random letters and numbers.

It is some comfort to imagine how much time the next hacker will waste going through the English football league... (92 teams).

Your memorable decoy answer is a good idea Craggle.

Thanks everybody. It does sound like someone tried to hack my account. I wonder if it's someone I know, trying to get some information, or a spammer. I guess I'll never know. Thanks for the advice.

Yea for personal information at the bank, credit cards, etc, I use a cryptic unusual name for the mother's maiden name.

For passwords to hotmail or yahoo, it is best to use the letters number combination and not something that is found in any dictionary in any language!

Hi there, I received the same email as Bill2004 in my hotmail from Microsoft Customer Support to reset my windows live password. Thing is i did not request to change my password. I went to the cancel password reset option and it came up with another page asking me to type in my windows live id which i done and received this message over and over again.

The Windows Live ID is incorrect. Please try again.

My account is not associated to any other account so i do not understand this, does anyone know why i am getting this message i have tried to contact customer support and they keep telling me to select the cancel option even though i told them that this option is not working for me.