Thought this article, Microsoft beefs up Hotmail password security, was worth sharing:
Hotmail users have been able to answer a security question or have an e-mail sent to an alternate e-mail address when they need to get into their locked account, either because it was hijacked or because they forgot the password. Those systems can be problematic as many people forget the security questions or they can be easily figured out by strangers with enough Web research.
Now, they can register a mobile phone number that a secret code can be sent to via SMS so they can reset the password. And they can also use a trusted computer that they have registered with Hotmail in advance so that if that computer is used, Hotmail will automatically trust the communication and allow the user to reset the password.
Also, always-on SSL encryption (Microsoft lets Hotmail users set encryption by default) is cool too.