How to Change Your Password in Hotmail (Now Outlook)
If you've been using Hotmail for years, you may still think of your account that way — but Microsoft officially migrated Hotmail to Outlook.com back in 2013. The good news: your email address still works, your login still works, and so does the password reset process. It's all managed through your Microsoft account, which is the central hub for Hotmail, Outlook, OneDrive, Xbox, and more.
Here's what you need to know about changing your Hotmail password — including where to do it, what affects the process, and why your specific setup matters more than you might expect.
What "Changing Your Hotmail Password" Actually Means
Because Hotmail runs on Microsoft's infrastructure, your email password and your Microsoft account password are the same thing. You're not changing a standalone Hotmail password — you're updating the credentials tied to your entire Microsoft account.
This distinction matters because:
- Changing your password affects every Microsoft service you're signed into
- It may prompt re-authentication on all connected devices (phones, tablets, PCs)
- If you use two-step verification, you'll need a backup method (phone number, authenticator app, or recovery email) to complete the process
The Standard Way to Change Your Password
The most reliable method works from any browser on any device:
- Go to account.microsoft.com
- Sign in with your current Hotmail or Outlook email and password
- Navigate to Security in the top menu
- Select Change my password
- Enter your current password, then your new password twice
- Save the change
Microsoft will typically ask you to verify your identity before allowing the change — usually via a code sent to your phone or backup email. This is a security feature, not a bug. 🔐
Changing Your Password When You've Forgotten It
If you can't remember your current password, the path is slightly different:
- Go to the Outlook.com or Microsoft account sign-in page
- Click Forgot my password (or "Sign-in options" depending on the screen)
- Choose I forgot my password
- Enter your email address and complete the CAPTCHA
- Select a verification method — text, email, or authenticator app
- Enter the code you receive
- Create and confirm a new password
The key variable here is which recovery options you set up previously. If your recovery phone number is outdated or you no longer have access to your backup email, account recovery becomes significantly harder and routes through Microsoft's identity verification process — which can take days.
Changing Your Password on Mobile
If you primarily use Hotmail on a phone, the process runs through your device's Microsoft Outlook app or your browser. 📱
Via the Outlook mobile app: The app itself doesn't have a direct password change option — it's handled at the account level. You'll need to visit account.microsoft.com in a mobile browser, or go through your device's account settings if you've added your Microsoft account to your phone's native accounts.
On Android: Settings → Accounts → Microsoft account → you may see account management options, though full password changes still redirect to the Microsoft website.
On iPhone/iPad: If your Microsoft account is added through iOS Mail or Settings, changing the password on the Microsoft side will require you to re-enter credentials in those apps afterward.
Factors That Change How This Process Works
Not everyone's experience looks the same. Several variables shape what you'll actually encounter:
| Factor | How It Affects the Process |
|---|---|
| Two-step verification enabled | Requires a verification code before any password change |
| Recovery info up to date | Determines which reset methods are available to you |
| Managed/work account | IT admin may control password policies and resets |
| Microsoft Authenticator app | Can streamline verification or serve as a passwordless option |
| Device sync settings | More devices signed in = more places requiring re-authentication after a change |
| Browser vs. app | Some features only appear in the full browser interface |
Work, School, or Personal — It Matters
If your Hotmail or Outlook address ends in a custom domain (like @yourcompany.com) and was set up through Microsoft 365 for Business, your organization's IT administrator may manage password policies. In that case:
- You may not be able to change your password independently
- Password resets may go through a company portal or IT helpdesk
- Password expiry and complexity rules are often set by the organization
A standard @hotmail.com, @outlook.com, or @live.com address is a personal Microsoft account — you have full control over it.
Security Considerations Worth Knowing
When you change your Microsoft account password, a few things happen automatically:
- Active sessions on other devices are usually signed out — depending on Microsoft's current session management behavior
- App passwords (used for older apps that don't support modern authentication) may need to be regenerated
- Saved passwords in browsers like Edge or Chrome will need to be updated manually
Microsoft recommends using a strong, unique password — at least 12 characters with a mix of letters, numbers, and symbols — and enabling two-factor authentication if you haven't already. This is particularly important for email accounts because they're commonly used to reset passwords for other services.
When Account Recovery Gets Complicated
Standard password changes are straightforward when you're signed in. Recovery becomes more complex when:
- You no longer have access to your recovery phone or email
- You're trying to recover an account that's been inactive for a long time
- Someone else may have changed the recovery info (compromised account)
- You're using a very old Hotmail account with outdated security settings
In these cases, Microsoft's account recovery form asks for information to verify your identity — things like previous passwords, account creation details, or contacts you've emailed. The success of that process depends heavily on how much verifiable history exists on the account.
How smoothly your own password change goes depends on the current state of your account security settings, the devices you're using, and whether you're working with a personal or managed account — factors only you can fully assess from where you're sitting.