How to Change Your Hotmail Password (Step-by-Step Guide)
Hotmail has been part of Microsoft's email ecosystem for decades, and while the service now runs under the Outlook.com umbrella, millions of users still refer to their accounts as Hotmail. Whether you've forgotten your password, suspect your account has been compromised, or simply want a security refresh, changing your Hotmail password is straightforward — once you understand how Microsoft's account system is structured.
Hotmail and Microsoft Accounts: What's Actually Happening
When you change your Hotmail password, you're not just changing access to one email inbox. You're changing the password for your Microsoft account — the single login that may also control OneDrive, Microsoft 365, Xbox, Teams, and any Windows device signed in with that email.
That distinction matters. A password change ripples across every connected service and device. It's worth knowing that before you start, especially if you're signed in on multiple devices or use Microsoft apps professionally.
How to Change Your Hotmail Password From a Browser
This is the most reliable method and works regardless of which device you're on. 🖥️
- Go to account.microsoft.com and sign in with your Hotmail address.
- Navigate to Security in the top navigation menu.
- Select Change my password under the Security basics section.
- Enter your current password, then your new password twice to confirm.
- You can optionally check a box to sign out of all other Microsoft devices, which is strongly recommended if you're changing your password for security reasons.
- Click Save.
Microsoft enforces minimum password requirements: a mix of uppercase and lowercase letters, numbers, and symbols, with a minimum length. Passwords that are too simple or recently reused will be rejected.
How to Change Your Password If You've Forgotten It
If you can't sign in at all, the process routes through Microsoft's account recovery flow:
- Go to login.microsoftonline.com or the Outlook sign-in page.
- Enter your Hotmail address and click Next.
- On the password screen, select Forgot my password.
- Choose a verification method — Microsoft will offer options based on what's on file, such as a recovery email address, a phone number (for a text code), or the Microsoft Authenticator app.
- Complete verification and follow the prompts to set a new password.
The recovery options available to you depend entirely on what you set up when you created the account. If none of those options are accessible anymore, Microsoft provides a more involved identity verification form where you answer questions about your account history to prove ownership.
Changing Your Password on Mobile
On iOS or Android, if you use the Outlook app:
- The app itself doesn't have a built-in password change screen.
- You'll need to visit account.microsoft.com through a mobile browser, or use the dedicated Microsoft Authenticator or Account app.
- After changing your password via the browser, the Outlook app will prompt you to sign in again with your new credentials.
This is a common point of confusion — people change their password on the web and then wonder why their phone's email stops syncing. It's expected behavior. Re-entering the new password in the app's settings resolves it.
Variables That Affect the Process
Not every user hits the same experience when changing their password. Several factors create meaningfully different paths:
| Variable | How It Affects the Process |
|---|---|
| Two-step verification enabled | You'll need to approve the change via a second method (app, text, email) |
| Work or school account | Password changes may be controlled by an IT administrator, not you |
| Microsoft 365 subscription | May require signing out and back in across Office apps |
| Passkey or passwordless login | You may use a PIN or biometric instead; password change works differently |
| Multiple devices signed in | Each device will need re-authentication after the change |
| Recovery info out of date | Makes forgotten-password recovery significantly harder |
Security Considerations Worth Knowing 🔒
Two-factor authentication (2FA) is separate from your password. Changing your password doesn't disable 2FA, and enabling 2FA doesn't replace your password — they work together. If you're changing your password because of a suspected breach, enabling 2FA immediately after is a standard next step.
Microsoft also offers passwordless sign-in, where you authenticate using the Microsoft Authenticator app, a PIN, or biometrics instead of a traditional password. Users who've enabled this may find the password change process slightly different, since the password itself plays a less central role in daily access.
Strong passwords in Microsoft's system generally means at least 8–12 characters with character variety, though longer passphrases (a string of random words) tend to be both more secure and easier to remember.
When the Standard Process Doesn't Work
A few scenarios create friction:
- Account locked due to suspicious activity — Microsoft may require additional identity verification before allowing any changes.
- No access to recovery options — The identity verification form is a longer process and isn't guaranteed to succeed if account history answers can't be verified.
- Managed or enterprise accounts — If your Hotmail-style address is actually a work email managed through Microsoft 365 Business, your IT department controls password resets, not you.
- Browser autofill conflicts — Saved passwords in Chrome, Safari, or Edge sometimes create confusion about whether the password was actually changed. Clearing saved credentials and re-entering manually avoids that issue.
What Determines How Straightforward This Is for You
For most personal account holders with up-to-date recovery information and a standard consumer Microsoft account, changing a Hotmail password takes under two minutes. The process becomes more layered depending on whether your account has 2FA configured, how many devices are signed in, whether you're locked out, and whether your account falls under individual or organizational management.
Your specific combination of those factors — the recovery methods you set up, the devices you use, whether your account is personal or work-linked — determines which path through this process actually applies to you.