Yahoo gets rid of passwords and brings in email encryption

By on
Yahoo gets rid of passwords and brings in email encryption

Yahoo may no longer be the top-dog of search, but as one of the world's largest providers of free email services, it comes as no surprise that it wants to keep its customers safe and happy from breaches and email snoopers.

So, at this year's South by Southwest (SXSW) conference Yahoo unveiled its new email password system and email encryption feature.

The On-Demand password service means users will no longer have a specific password or pass phrase linked to their account. Instead, when you want to log into Yahoo's email client you're presented with a "send my password" button. Clicking this sends an automatic text  message with a time-sensitive code you can use to log in. Spend too long faffing around, or you miss the text, you'll need to request a new code to gain access to your email.

It's a very similar system to two-step verification, except it removes the largely redundant step of entering your password to then request a code.

While the service is only live for US users at the moment, a worldwide rollout for account holders is planned. Also, those using Yahoo's email client on an iOS or Android device can choose to set up app passwords to add an extra layer of security.

It will be interesting to see how useful this feature is, especially as it relies heavily on a Yahoo user having their phone near them to access emails.

End-to-end email encryption

Redefining the idea of password security wasn't the only announcement Yahoo had to make at SXSW, it also demonstrated a new version of PGP end-to-end encryption.

Expected to be up and running by the end of this year, Yahoo's encryption service is built on Google's Chrome browser PGP plugin technology. Designed to be useful to both private and professional users, Yahoo isn't encouraging users to encrypt every email they write. Instead, Yahoo sees it as a technology intended for particularly sensitive emails, such as financial documents.

Interestingly, PGP encryption only works if the email recipient also has PGP encryption activated.

As Yahoo, like Google, scans user's emails to serve up targeted ads, it comes as little surprise that it's encouraging users to only encrypt the occasional message. But, it's still a great step forward to see end-to-end encryption coming to Yahoo's email service.

This article originally appeared at

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © Alphr, Dennis Publishing

Most Read Articles

Log In

  |  Forgot your password?