Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Email Security

Yahoo Enables HTTPS Encryption by Default for Yahoo Mail

As promised in an October 2013 announcement, consumer Internet giant Yahoo! has enhanced the privacy and security for its users by enabling HTTPS connections by default for all Yahoo Mail users.

As promised in an October 2013 announcement, consumer Internet giant Yahoo! has enhanced the privacy and security for its users by enabling HTTPS connections by default for all Yahoo Mail users.

“Anytime you use Yahoo Mail – whether it’s on the web, mobile web, mobile apps, or via IMAP, POP or SMTP- it is 100% encrypted by default and protected with 2,048 bit certificates,” Jeff Bonforte, SVP of Communication Products at Yahoo! wrote in a blog post Tuesday.

The HTTPS encryption will secure emails, attachments, contacts, as well as Calendar and Messenger in Mail, Yahoo said, protecting data and messages as they move between users’ browsers and Yahoo’s servers. 

Also See: Expert Calls Yahoo’s Implementation of HTTPS “Troubling”

Yahoo Mail users have had the choice to enable HTTPS for some time, but now all users will benefit from the secure connections by default.  

The move to the secure browser sessions by default follows similar moves by Facebook, which enabled HTTPS by default in July 2013, and Google, which set the HTTPS default in early 2010, but has had the option for users to do so since 2008.

Using HTTPS is increasingly beneficial when accessing Internet services from public networks such as Wi-Fi hotspots, and helps protect browser sessions from being snooped on by others.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybercrime

Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...