That is, not log off when you quit the page. Outlook keeps asking me if I want to do that.
shareDepends on where you are - at home alone, no problem. In a shared office, not so much. In a public place, just no!
shareWhat kind of email protocol do you use ... IMAP or POP?
IMAP keeps a connection open and might could conceivably get hacked, while POP just opens a quick connections to download your mail and closes the connection. But Outlook, being a MicroSoft product and probably run on a PC is probably less than secure. No reason to keep the connection open when you are not using it, so I'd think sign-off.
IMAP is not more hackable than POP3... though Google (wanting you to use their ad delivery service) does claim using anything other than a Google app is insecure. An open socket does not mean you have an insecure connection either, the connection is through SSL so even if someone managed a man in the middle they wouldn't get anything.
shareIMAP is definitely more hackable than POP, Open sockets can be spoofed.
shareBut SSL denies the man in the middle attack, so open sockets can't be spoofed.
If I might, POP3 can be spoofed in the same way IMAP can be spoofed in the same way your internet browser can be spoofed. Sure, anyone can send you a packet claiming they're communicating from a source they aren't... but the keychain verifies certificate is from who it claims to be from, and furthermore you require the private key to decode the communication.
If there is a door, there is a lock, and if there's a lock, someone can pick it. That's been the history of Internet hacking.
shareAre you using Outlook Web App, or the desktop client? The web app probably expects you to be using it from a public computer which is why it offers you the ability to log off. There is nothing inherently insecure about leaving the connection open, or even just not clearing your cookies. The issue is more about if someone goes into your house and uses your computer without your permission, then they'd have access to everything you have left signed in.
shareWell thanks everybody. I guess the consensus is it's OK to stay logged on if it's a home computer, so logged on I will stay.
shareOn an app I leave it signed in. On a browser, whether I'm home or not, I log out after every session.
sharehaven't used outlook since the 90s. i get my email on the browser (yahoo & gmail).
share