Why am I able to open and read e-mail messages in my Outlook mailbox without entering the password?

In Lotus Notes, it was not possible to see the contents of a mailbox without entering your Lotus Notes password first. In Outlook, you are able to see the contents of the mailbox on the screen before Outlook prompts your for the password. Furthermore, if you dismiss the password prompt in Outlook by clicking "Cancel" button, you are not only able to see messages in your Inbox and other folders but also to open them and read them. A lot of users who are new to Outlook suspect that this is some sort of security vulnerability, but there is no reason to worry because it is not.

What most people don't realise is that Outlook is using a different security model than Lotus Notes. In Outlook, users don't have a local ID file that stores their password as they did in Notes. Instead, Outlook relies on Windows security features to protect the contents of your local Outlook's mail file. The statement that you did not have to enter your password to see and read e-mails in your Outlook mailbox is hence incorrect, because in order to get inside Outlook, you had to log into Windows by entering your Windows password.

In the future, once your computer is connected to Active Directory, your Windows password will be synchronised with your Active Directory password via your UWin ID. For now, your Windows password is a password that was given to you (or that you picked) when your local Windows account was created on your computer. This is why it is important to have a strong and secure Windows password so that all data stored on that computer, including local copy of your Outlook's mail file, is well protected.

It's also important to note that the password that you are prompted to enter in Outlook is only used to unlock your Office 365 account in the Microsoft's cloud so that Outlook can synchronise cloud copy of your mail file with the local Outlook copy of your mail file. You will not be able to see any new messages, or to send any messages without re-entering this password each time you start Outlook, unless you checked the box "Remember my credentials" on your last password prompt.

There is no work around for this functionality because this feature is working exactly as intended and designed by Microsoft engineers.



Article ID: 9473
Tue 11/3/15 10:07 AM
Mon 10/4/21 1:15 PM

Related Articles (5)

How to duplicate Lotus Notes feature called "Send & File" that allowed the sender to save a copy of the sent message in a folder other than the default "Sent Items" folder.
Instructions for duplicating Lotus Notes' "All documents" view in Outlook for Windows
A workaround for Outlook 2013 limitation that does not include the attachment in the reply when replying to a message with an attachment.
Outlook 2013 allows you to have folders in any order you choose - you can re-arrange them however you see fit.
In Outlook, it is not possible to have an e-mail message appear in more than one folder. Therefore, all copies of sent messages would only appear in "Sent Items" folder after the migration, even if they were filed in other folders in Lotus Notes while being sent out. Also, messages stored in Inbox folder would no longer appear in any other folder that they may have been added to in Lotus Notes.