It has taken Yahoo a ridiculously long time, but it is finally rolling out an option that will help protect users' privacy when accessing their web-based email - HTTPS.
Yahoo Mail has lagged behind competitors such as Hotmail (in the process of being rebranded Outlook.com) and Gmail by not allowing users to access their email through HTTPS.
If you don't have full-session HTTPS turned on for your webmail, anybody on your WiFi network could read any of the emails you write and receive using a tool like FireSheep, as they are transmitted from Yahoo to your browser.
That's because, without HTTPS, they are sent as unencrypted text.
If you are using Yahoo Mail, my advice is to enable this privacy option as soon as possible. Here's how you do it:
- Select "Options/Mail Options" on your main Yahoo Mail screen
- Choose "General"
- Select "Turn On SSL".
Bingo! You're all done.
It's unfortunate that Yahoo has made the HTTPS/SSL setting disabled by default, meaning that users are required to turn it on if they want better privacy. Hopefully in time, Yahoo will decide to enable the option by default - as it is with Gmail, Hotmail and Outlook.com.
Now, is it too much to hope that AOL might be the next to implement a HTTPS option for its email service?Follow @NakedSecurity