Sophos Cloud Optix
It has taken Yahoo a ridiculously long time, but it is finally rolling out an option that will help protect users’ privacy when accessing their web-based email – HTTPS.
Yahoo Mail has lagged behind competitors such as Hotmail (in the process of being rebranded Outlook.com) and Gmail by not allowing users to access their email through HTTPS.
If you don’t have full-session HTTPS turned on for your webmail, anybody on your WiFi network could read any of the emails you write and receive using a tool like FireSheep, as they are transmitted from Yahoo to your browser.
That’s because, without HTTPS, they are sent as unencrypted text.
If you are using Yahoo Mail, my advice is to enable this privacy option as soon as possible. Here’s how you do it:
- Select “Options/Mail Options” on your main Yahoo Mail screen
- Choose “General”
- Select “Turn On SSL”.
Bingo! You’re all done.
It’s unfortunate that Yahoo has made the HTTPS/SSL setting disabled by default, meaning that users are required to turn it on if they want better privacy. Hopefully in time, Yahoo will decide to enable the option by default – as it is with Gmail, Hotmail and Outlook.com.
Now, is it too much to hope that AOL might be the next to implement a HTTPS option for its email service?
Don't forget anyone with Sky emails are moving from Gmail to Yahoo soon
The option is not there for me. Any idea on how quickly this is being rolled out?
They say they have started to roll the option out – hopefully everyone will have it soon.
after “Turn On SSL” like you advice Invalid Server Certificate error appear when i try to log on yahoo mail
Its there. Mayne you still have "old yahoo"
It's there, goto the clog, hover over it and goto mail options. Then to the bottom & activate it.
Go to the tools on the top right hand next to the Home icon and click on Mail options scroll down and it's there
once you open yahoo mail look to the upper right corner and you will see the round sprocket (settings button) click that and it will open, click mail options and it will bring up the screen shown above
In the top left hand corner there is a 'cog' icon. Click it, select 'mail options'. 'Turn on SSL' is located at the bottom.
It seems to be available in the 'New' Yahoo (which I don't like), but not in the old classic yahoo.
I agree – I do NOT like the "New" Yahoo… have switched back to the original Yahoo email…
It's not there in the classic email… 🙁
Hi. I still have classic yahoo and the option is there, abeit, a little workaround.
I just performed it and now, it is https all the time and not toggling between http and https. Here’s the workaround:
1. Look for the upper right hand drop-down form populated with Profile as default.
2. Select Options from this drop-down menu
3. Hit the GO button after selecting Options
4. Under Advanced Options to the left panel, select SSL
5. Make sure to check the checkbox with the statement: Make your Yahoo! Mail more secure with SSL
6. Make sure you hit Save at the top
7. Now https to all your hearts content
Can’t read personal messages
New yahoo page with big grey envelope and eight hundred emails on the left. Have found no place to delete them. Just send them to junk file. Having problems opening most of the emails. Any answers?
How
Thanks for all the replies and suggestions. I’ve gone back to check and the option is just not there. I think this may be due to the fact that I have AT&T email powered by Yahoo. Looks like either it isn’t being made available to us or, hopefully, just not yet.
Click on the gear icon near your name on the right side of the mail window and you will find the Mail Options link.
I do not have a gear icon… I have looked all over the page..not there.
I have the gear but my options are Themes, Settings, Add Free Mail, Help, Privacy, Terms, About our ads, Account info. and that’s it, no option to fix it. Do you know what I should do?
Same thing here James. This thread may be too old now for anyone who knows to answer but I hope they will.
Its not there for me either.I have the dinosaur version.you’d think yahoo would let you know when there’s a new version
No folder labeled "Options" in my mail….
jamie look for the little thingy that looks like a gear . I found it at the top right next to my personal icon. click it and it will display mail options
Top left next to your name is select options and in the drop select mail options.
Try at the top right part of the page.
No SSL choice/option under General for me either.
I had to pick the "upgrade" choice for yahoo mail and THEN there was an option under General that allowed me to switch to SSL. Picking SAVE then did a refresh and asked for a password again….then it had an https: connection.
I have no option ether.
This is for the Updated mail accounts……not if you have the Yahoo Classic mail. If you have updated, use the 'gear' icon to find your Mail Options.
Not there for me either……
HTTPS is good but it should stay a user’s choice on a case by case basis, never a default.
Meseems you’re making an incorrect assumption, namely that all browsers are HTTPS capable.
i'm on sbcglobal but is (run by?) yahoo, and do not see https. No option to turn on either! Suggestions? Thanks.
I am on ATT Uverse and the option is there but in the right hand corner it looks like a cog or sprocket. Click that and go to options. See if that works. Did for me.
Thanks Jackie. Maybe it's not there due to the older sbc and not att(dotnet) email(?). The only sprocket is above the page, but is on the browser, not for email. Dang it. I do have u-verse though. Thank you for the suggestion. I may call them tomorrow.
Just to clarify, I have checked options on both my email addresses. One I use the 'classic mail' the other, the later updated version. Thanks!
Thank you! I just did it.
I want google to remember me each time I want to sign in.
You have to click on the cog/wheel thing in the upper right corner, then click 'mail options', 2nd on the list.
I'm still using Yahoo Classic, and I don't see the option anywhere.
I also do not have that option – Is the fact that AT&T merged my yahoo account with my AT&T account going to have any bearing on this? I would LOVE to deactivate my yahoo-account (period) but because they are merged I am unable to do it. So if I can set up secure email I would do that instead
Same here. Should it just appear, or is it part of an interface upgrade?
Next to your username in the upper right, you will see a gear. Click on that and Mail Options should appear in the dropdown menu.
had no idea about this. thanks for the heads up!
there's a cog wheel top right of the screen near your signed in name and home sign , click that and select mail options from there just follow the steps recommended by Sophos above
Thank you very much for this info I found by chance after googling Yahoo mail's problems with service. It is about time they deployed this much-needed feature. I was about to switch providers because of yesterday's security lapse but now am rethinking that decision. Thanks again.
I'm another Yahoo Classic user and don't see it. I'd like to know if Classic users will get this, too, so I know whether to bother checking periodically to see if it's been rolled out to my account yet.
It’s taken an absurdly long time for them to fix the problem. Two Yahoo users I know had their accounts taken over and used to transmit spam to people (including me!) in their address books. In both cases, I recommended to them that they change to Gmail. One listened to me. 50%: Not a bad average.
So it says it prevents "others accessing your account at internet cafes"… Is this even necessary if i am not working on a wireless network??
This option still not available on Yahoo classic email as of 1-8-12
Tried it out and now I can't seem to get back in to read my mail. any suggestions?
same problem for me, now I need a way in order to disable it and be able to read my mail again.
You will always have to enter your password.
Thank you – found it upper right corner (wheel)
Saying that the user HAD to "upgrade" their e-mail account before this feature was available would have been helpful!!
Done, thanks 🙂
Mary
Thanks Naked Security!
I wouldn't of even known about this if it weren't for your daily newsletters.
Doesn't appear on BT Yahoo email.
Graham, how about updating the piece to show it only applies to those using the updated version and not Classic. It is also not shown in the BT mail (my.name@btinternet.com) as that still uses the Classic interface.
I had to look for the cog wheel but had no problems after I did this. Yahoo just changed the look of the mail program and I'm still not used to it and not sure I like it but no choice except to change to another mail program and not ready to do that yet.
I am an ATT.NET user and am wandering around many screens in Yahoo and ATT but have not found the pages referred to with the mail options. If someone can figure this out from a log in with URL, and post it, it would be most appreciated.
Thank you!
Mechanic wheel>Mail Options>Check the box Turn on SSL It's good on shared computer networks.You well always have to enter your password to get in your mail,you can't just check the box Keep me signed in.
Hover over the "gear" at the upper right on your yahoo email screen.
Click on "Mail Options"
The Options tab will appear. Don't have to click it. You will already be in the General Settings page.
Scroll to the bottom of the page.
Click in the Checkbox next to "Turn On SSL."
Hit SAVE. (Yellowbutton)
Yahoo will relaunch in HTTPS.
Not available via BT Yahoo Mail, or so it would seem. The Options page is identical to the one in screenshot above, but doesn't have the SSL choice bit at the bottom – it finishes after Advanced Settings/Font choice. 🙁
Not available via BT Yahoo Mail, or so it would seem. The Options page is identical to the one in screenshot above, but doesn't have the SSL choice bit at the bottom – it finishes after Advanced Settings/Font choice. 🙁
Yahoo mail is coming up with error 15, what does this mean? I can't access my account since I turned on SSL
i`ve just checked my BTYahoo account & i can`t see the https option either.
Or is it just in yahoo mail that you don`t get the https option?
No SSL option on my BT-Yahoo mail either (I know how to get to the General page under 'Mail Optiopns.') ….. and I have NEVER been able to save the e-mails I have sent in the 'Sent E-mails' folder, DESPITE the fact that this option has always been checked (ticked). No way can you e-mail Yahoo help, none of their 'suggestions' help either. I believe there might be a premium rate 'phone number to call though – at around £1.50 per minute.
Unfortunately, as I am a BT customer, I think I'm lumbered with Yahoo – like it or not!
i did it now i get error 15, can't log in …..arg
after I clicked the ssl box in my yahoo mail option, I can not read any of my emails and I can not access to any of the inbox, contacts, etc. How can I remove the ssl and reverse back to the original yahoo mail. right now my yahoo mail box is useless.
thanks
bruce
mine has been marked from day 1 and my account has been hacked and still hacked, what do I do now. do i delete yahoo!!!
OK…this is another attempt to force Classic Yahoo Mail users into a lesser form of Yahoo web mail. This option is NOT AVAILABLE to those of us who do not like the new & improved version of Yahoo mail. (Yahoo doesn't know about the saying of "If it's not broken…DON'T fix it!")
Does anyone know when the SSL option will be available to ALL Yahoo users?
As of April 19th, Yahoo has been rolling downhill fast. Most of my e-mail options and most icons everywhere are gone!!! When I bring up mail, only half a screen shows when I have tons of mail. I have looked at the mail options, looked at changing text fixes, etc. NOTHING WORKS. I use Firefox FYI. Also, lately I have been seeing strange syntax strings on the login page, bottom left. They are not the normal yahoo string sites. I have scanned everything for all types of stuff. Running BitDefender, did not pick anything up. The other odd thing on Yahoo is that while reading mail the screen turns black for a nanosecond and comes right back. Last time when I used it, it would not let me sign out and after waiting for 9 hours, it said trying to load page.
I hate Yahoo, sorry. Tried to even e-mail customer service weeks ago, never heard back. Their home page is too small and their news is arranged so weird. I am going back to G mail, glad I am not a shareholder in this (expleted) company.
Thanks for this. But people shouldn't forget to click "Save." You might want to add that as a forth point. And also that the change can be confirmed with the padlock icon in the browser.
(I know it should be obvious, but some people might miss it – like I just did. Only realized after I didn't see the padlock icon.)
There no longer seems to be a print view in the new mail. The only way I can see to print an email is to print "everything"
Here's the cause for the missing options tab for me. You all know that Yahoo and Internet Explorer are now in bed with each other. If you are using Firefox for sure, and probably Chrome also, you will not be given the mail options tab. If you use I.E. you will get everything. All I did was switch back to I.E. [took 10 seconds] and there were the missing features.
Isn't this discrimination??
7/13/2013
Does anyone know how to get rid of the "me" when a message was written to me?
I'd rather it say my name. It looks very similar to gmail. I prefer the older version of yahoo… but when I go back to classic- all my contacts are gone. 🙁
Did you ever learn how to get rid of the “me” ?
Now, is it too much to hope that AOL might be the next to implement a HTTPS option for its email service?
Hi
I turned on the SSL option and screen selections disappeared from view eg reply to sender, reply to all and forward. Also the options button. They are still 'there' but no longer displayed. Only when I changed back to don't use SSL did they reappear.
This is the final straw – now I'm 'upgrading' to gmail.
Thanks for the web site
FWIW as of Oct 16th 2013. There is no "mail options" selection under the gear icon no matter what browser or computer I use. I've done all the "clear the cache" etc options. It just isn't there. On another note. If I log out of yahoo, then go to yahoo on another tab and attempt to get to mail, it puts me back in with out any authorization. So much for security.
But now I have to 'log-in every time I want to view my e-mails. How do I remove i SSL?
Also question the Certificate as I keep getting the red http:// as well as it being crossed out plus my anti virus putting yellow screen up as caution. This just started happening the last two times I logged in to mail. I have checked settings but does not have turn on SSL with the new Yahoo mail program. The one that is shown above is for the old yahoo mail. Been using Yahoo for over a decade this is the first time I have seen this.
Hi, everything is going fine here and ofcourse every one is sharing
information, that’s actually excellent, keep up writing.
I can’t even sign in though, I’ve been trying and trying
Hi,what would be my other option to still be able to make a copy of a document that came via email encrypted, since Yahoo Mail does not support encrypted emails with attachments? Thanks. C.
I have an old version.plus 2 others in my name.I want to delete and get newer version.I had it once .where I could delete all mess at once.now I barely have a trash bin.idk how to get newer version.
Hi, Now i have turned on the security settings i am no longer getting emails to m mobile. How do i keep getting emails to my Android?
Liam
I’m going to turn on. Thanks for sharing Graham.
How can I get a valid SSL certificate? also, turning on the option is going to effect my synced account on an android device?
you don’t need to do this in the new yahoo… I read some people don’t like it but I really do like it. Especially now that I can open the calendar or contacts and it automatically launches in a new window. And yes I know you can do this in the classic version with a right click. 😉
I do not want Oath and want to keep my old email