Wake Up Yahoo: You’re the Security Problem… Not Me!
A while back, we published an article urging those with Yahoo accounts to close their accounts and get a Gmail account or an Outlook.com account. We still recommend that you cancel your Yahoo account by following the instructions here. However knowing that many will continue to keep and use their Yahoo accounts, because they’ve had them for a such a long time, we maintain an account with Yahoo, that we use only for testing.
Yahoo Tries to Shift Blame to Its Users With New “Improve Your Security” Campaign.
While we are all very much responsible for our Web safety, and we don’t disagree with what Yahoo is telling its users, we do disagree with Yahoo’s reluctance to take responsibilty for the data breeches that affect over one billion Yahoo users.
While the advice they give users via weekly “security reminders” is not wrong, it’s also not the cause of a billion users having their personal data stolen. By sending out mails like this every week, they’re trying to deflect blame and place the burden of data loss on Yahoo Mail users.
I have never received an apology from Yahoo, but this is at least the 5th mail I’ve received from them reminding me to “take action to improve the security” of my Yahoo Mail.
You will get these reminders from Yahoo if you access your mail using an email program (in my case, Thunderbird). I don’t get notices like this from Gmail or Outlook.com, just Yahoo. And as far as I know, neither Gmail nor Outlook has had one billion of its users’ accounts compromised.
When will Yahoo wise up and send an email to all of their users apologizing for they shoddy security, aging and outdated infrastructure, and poor management? My guess is never.
In the email they sent me ( at least 5 times now) they’re telling me that I shouldn’t check my Yahoo Mail with a mail program (Thunderbird)- that to be safe I should log into my Yahoo Mail on the Web. Right! I should log into my Yahoo Mail on the Web so they can make additional money by displaying ads on all the Yahoo pages, and in my email displayed on Yahoo’s Web site.
Now if they would use the money they make from all this advertising to upgrade their mail servers, personnel and security, I might just be tempted to log on to Yahoo Mail on the Web and let them flash me a few ads. While they shell out billions for golden parachutes for fired executives who’ve driven Yahoo into the proverbial ground, and apparently haven’t invested much in security to keep Yahoo users reasonably safe, I am doubtful they’ll start doing the right thing now.
Thunderbird is a secure mail client and it is updated frequently by Mozilla. The Yahoo security problem is not how I check my Yahoo Mail. The biggest Yahoo security problem is Yahoo. The only reason I have a Yahoo account is to keep up to date and for research.
Here’s the email I received this morning from Yahoo. This is at least the fifth one like this I have received in the past month or so.
February 21, 2016
This is a reminder to take action to improve the security on your Yahoo Mail account. You recently accessed your account from a non-Yahoo email application that may be using less secure sign in. This may make your Yahoo account more vulnerable to compromise.
We strongly recommend that you improve the security on your account using the steps below.
1. On a mobile device, upgrade to the Yahoo Mail app for Android or iOS:
2. On desktop, use Yahoo Mail via:
3. Turn off access for apps with less secure sign in, using the link below:
For alternative options to access Yahoo Mail, visit our help page:
Thanks for being a loyal Yahoo Mail user.
Is this Mr. Yahoo? Ms. Yahoo? Yahoo chocolate drink? Why not have a real person sign it, something like this?
Ha! Qui Los UrData,
COO, CEO, CFO, MBA,CNN, CBS, NFL, MLB, NBA, NHL