What a clickbaity article. I’m all for exposing bad stuff but this article presents zero proof of it transferring passwords. It also fails to highlight the manner of how data voluntarily synced to MS is handled. All in all it doesn’t do anything but trying to steer users to it’s own services.
It is very easy to find other sources making the same claim, such as this one which includes an image of allegedly posted json including passwords.
Nice timing. I don’t see how warning you that your email passwords will be kept remotely by Microsoft would be “redundant.” Many people will assume from that message that it would only send them all your mail, and the even more carelessly optimistic among us might guess that it would be end-to-end encrypted as it obviously should be.
So reading another article (https://www.heise.de/news/Microsoft-lays-hands-on-login-data-Beware-of-the-new-Outlook-9358925.html )makes it more clear. If you consent to syncing IMAP account to outlook then it will transfer IMAP username password and mailserver config to Outlook.
I mean, they could have specified that your IMAP credentials would be synced, but it’s redundant considering you’re telling it to sync.
I know, right? Jesus I hate bullshit tech “reporting” like this. This particular comment just smacks of outrage “journalism”:
Microsoft gets full access to mails, calendars and contacts!