Forum > News from Free WEB Email- Password changes...


Scott Hamilton:
All- if you are using the FREE Web Based email there are password requirement changes on the horizon.
Free Web Email
Here is the email from
Hello Scott,   
In an effort to increase security for you and your end users, is releasing an update to password requirements on Thursday, April 5th.   This update will not impact customers upon deployment, as it will only enforce stricter password requirements when users change their passwords or when creating a new user.  Existing users with weak passwords will not be forced to change their password.   
For reference, below are the new password requirements:   
* At least eight characters in length
* No more than 20 characters in length
* Contain at least one number [0-9] character
* Contain at least one special character from: !@#$%^&*()~`-=_ []\{}|:";',./<>?
* Contain at least one upper-case and lower-case letter
* Cannot match the account login name or email addressIf you have any questions about this update, please open a support case and we’ll be glad to help answer your questions. 

We do plan to work with you in the future to update weak user passwords, and will make an announcement well in advance. Technical Support


Scott Hamilton:
New Update... Posted... FYI...

From Admins...

We have two announcements of upcoming changes to our environment.

First, in the past, our auto locking features have only been enabled on outbound spam caught by our spam detection engines. Starting June 14th, we are also going to start auto locking users based on feedback loop reports. Feedback loop reports are end users who were recipients of email from one of the users and clicked on a ‘this is spam/abuse’ link in their email/webmail. Our statistics on the thresholds we’re using do not show a significant increase in auto locks, but it will help control the overall spam going on, as yet another automatic tool to stop spam.   

Second, with our recent password change scheme, some users are still at risk with their passwords being compromised and may never know this. Also on June 14th, we are implementing a rate limit for entering in a password incorrectly. After five (5) attempts for a password being entered incorrectly, our automated system will make the account inaccessible for a short period of time. Users experiencing sudden blackouts of email programs being unable to connect may want to log into web mail and change their password. All paid services have admins that can update their end-user passwords as needed to assist them with this.

As a reminder, please make sure you and your end-users adhere to the new password policy requirements we implemented at the beginning of April. This will help cut down on accounts being compromised by brute-force hacking a password.

If you have any questions, please open a support case and we'll be glad to help answer them.

Thank you, Technical Support 


[0] Message Index

Go to full version