Security Experts:

Yahoo Enables HTTPS Encryption by Default for Yahoo Mail

As promised in an October 2013 announcement, consumer Internet giant Yahoo! has enhanced the privacy and security for its users by enabling HTTPS connections by default for all Yahoo Mail users.

“Anytime you use Yahoo Mail - whether it’s on the web, mobile web, mobile apps, or via IMAP, POP or SMTP- it is 100% encrypted by default and protected with 2,048 bit certificates,” Jeff Bonforte, SVP of Communication Products at Yahoo! wrote in a blog post Tuesday.

The HTTPS encryption will secure emails, attachments, contacts, as well as Calendar and Messenger in Mail, Yahoo said, protecting data and messages as they move between users' browsers and Yahoo’s servers. 

Also See: Expert Calls Yahoo's Implementation of HTTPS "Troubling"

Yahoo Mail users have had the choice to enable HTTPS for some time, but now all users will benefit from the secure connections by default.  

The move to the secure browser sessions by default follows similar moves by Facebook, which enabled HTTPS by default in July 2013, and Google, which set the HTTPS default in early 2010, but has had the option for users to do so since 2008.

Using HTTPS is increasingly beneficial when accessing Internet services from public networks such as Wi-Fi hotspots, and helps protect browser sessions from being snooped on by others.

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.