Apparently, typing the code
where $ = name of the password textbox
In the case of Hotmail, the textbox name is i0118:
I have tested this on a couple of other websites, as demonstrated below:
I have only tried this in Firefox, but I am assuming it would also work in Internet Explorer and other browsers. Obviously, given the steep requirements for this to work, the likelyhood of successfully obtaining access to an account using this method is minimal at best and would probably not work in a real-life situation. I however think that tons of pranks can be made by exploiting this bug and using it on non-savvy PC users.