• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Cookie Policy (US)
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech Guide
  • Home Improvement
  • Gadget & Apps
  • News

Better Late Than Never for Yahoo Mail’s SSL Encryption

Updated on Oct 28, 2013 by Guest Authors

For Yahoo Mail users, it gives a sigh of relief to know Yahoo is taking its Web mail security infrastructure to a higher level. The Sunnyvale company is rolling out SSL encryption as the default security setting for all Yahoo Mail accounts beginning January 8, 2014.

The SSL layer of security works to encrypt the transfer of emails from a computer browser to the host server, in the process securing the communication from eavesdroppers, including the National Security Agency.

Late SSL Adoption

Yahoo’s adoption of SSL encryption began in early 2013, way behind the rest of its competitors in terms of Web mail services such as Google’s Gmail and Microsoft’s Outlook.com. In 2010, Google compulsorily implemented the HTTPS encryption for all Gmail users after launching it in 2008. When Microsoft ditched Hotmail for Outlook in 2012, SSL also became the default security setting.

Other Internet titans followed suit, including social networking site Facebook, online payment PayPal, CRM company Salesforce and giant retailer Amazon.

yahoo-mail-ssl

The SSL encryption, however, is not coming to mobile devices anytime soon due to lack of mobile app support for this standard. Insecure logins remain the norm for mobile users who access their Yahoo accounts through the mobile app, leaving them susceptible to online hackers at large.

Recent Yahoo Security Breaches

While Yahoo’s latest move comes as a welcome development, it is lamentable that it took several major security disruptions on its Web mail service for the company to finally catch up. Yahoo’s cross-site scripting has been one of the vulnerabilities exploited by attackers to break through security walls. The XSS flaw allowed snoopers to steal cookies stored in various computers.

In November 2012, a hacker from Egypt sold that exploit for $700 to hijackers, exposing thousands of users to malicious links and websites. Still, 400 million Yahoo Mail users fell into another DOM-based XSS loophole, which was discovered by security researcher Shahin Ramezany.

In early 2013, a deluge of spam and phishing attacks descended upon New Zealand’s major email service provider, prompting both Yahoo and Telecom to reset nearly 60,000 passwords for users.

How SSL Works

All of these security breaches would have been abated had Yahoo only implemented the SSL encryption long before. SSL protects sensitive data transmitted across the Internet so that only the intended recipient can read the information. Any malicious computer machine between the sender and receiver could view that data in the absence of such encryption tools.

SSL certificate also verifies the information sent to a server. This authentication process helps users to ensure they send their sensitive and personal data only to the right server, not to a harmless machine pretending otherwise. Most companies address this trickery by using a Public Key Infrastructure with SSL certificate from a trusted SSL provider.

Disclosure: We might earn commission from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Comments

  1. Jijin Mohan says

    Oct 29, 2013 at 1:41 am

    Great Job by Yahoo. Thanks Jay for sharing news and informing all. Its a sight of relief for we all. i have my personal email id of yahoo only.

    • Jay Decenella says

      Oct 29, 2013 at 11:11 am

      You’re welcome, Jijin. Perhaps you want to try other webmail services? :)

Footer

Review of the Waterpik Evolution and Nano Water Flosser Combo Pack

Transparent Shaving: The yoose ICE Electric Shaver Review

INKBIRD IBS-TH5 Review – Smart Thermo Hygrometer with E-Ink Display

LISEN MagSafe CD Phone Holder for Car Review

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Review of the Waterpik Evolution and Nano Water Flosser Combo Pack
  • Transparent Shaving: The yoose ICE Electric Shaver Review
  • The Hidden Cost of Cryptocurrency: Bitcoin’s Energy and Water Footprint
  • Free Places To Sleep Inside Hong Kong Airport During Long Transits

Copyright © 2023 · All Rights Reserved

Manage Cookie Consent
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional cookies Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}