Log In | Register
Skip to main content
Topic: Fixing a Yahoo mail vulnerability. (Read 3 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.
Fixing a Yahoo mail vulnerability.
Yahoo Message Number: 136140
I have noted that some of us have had their Yahoo emails hacked and then the rest of us are subjected to spam messages directing us to malicious web sites.  Some of this can be avoided by making sure that our access to Yahoo mail can not be easily subjected to eavesdropping on a public Wi-Fi network.  Unless you do something, your email client will send your Yahoo password to the Yahoo Mail server "in the clear" (i.e. simple to read).  The hacker eavesdropper will have all they need to use your Yahoo email account.  This dialog between your machine and the Yahoo Mail server can be encrypted (i.e. made next to impossible to read) if you tell Yahoo to use SSL. (GEEK NOTE: SSL stands for Secure Session Layer). Unfortunately Yahoo Mail, by default, does not select the use of SSL.  But, you can get your Yahoo Mail to use the SSL option.

Here's how to protect yourself:
 Go to your Yahoo Mail web page.  If you don't know how to get there, go to this groups Yahoo page (or if this is an email, see first "visit your group" Yahoo link below).  NOTE: If it's been a while, you may need to log in to Yahoo.  At the group site, click on the Envelope Icon by the word Mail at the top right of the web page.  You should now be at your Yahoo Mail web page.
 {I should also note here that you need to be using the latest *free* version of Yahoo Mail for this to work.  Old Yahoo Mail versions don't have this SSL option.  Upgrade yourself to the newest *free* Yahoo Mail version if you have to.  It does not change anything on your machine it only changes what Yahoo does for you at their end.}
 Click on the Gear Icon at the top right and then "Mail Options" of the pop-up menu.  You will be on the Options page.
 At the bottom of the page find "Turn on SSL" with a check box next to it.  If the box is empty click on it to cause a check mark in it.
 Click on the "Save" button near the top of the page and you're done.

Alex Rutchka, SE #4 '05 MB
Re: Fixing a Yahoo mail vulnerability.
Reply #2
Yahoo Message Number: 136142
"Alex"  wrote:

Quote
Here's how to protect yourself:
--- Thanks, Alex! ;-)

Joan
2003 TK has a new home
Re: Fixing a Yahoo mail vulnerability.
Reply #3
Yahoo Message Number: 136143
At least with the Chrome browser, Gmail uses https by default.

best, paul

"When you arise in the morning, think of****

what a precious privilege it is to be alive...****

to breathe, to think, to enjoy, to love."****

****

~ Marcus Aurelius

Alex, some of us don't use Yahoo Mail (and I note you use GMail for this
 
Quote
group). Do you know if there's something similar for GMail, or is it automatically set up SSL?
[Non-text portions of this message have been removed]
Re: Fixing a Yahoo mail vulnerability.
Reply #4
Yahoo Message Number: 136145
Linda,
 From what I've read, both Gmail and Hotmail use SSL to protect your access to email servers.  Paul Smith comment corroborates that about Gmail.

Alex Rutchka, SE #4 '05 MB
Re: Fixing a Yahoo mail vulnerability.
Reply #5
Yahoo Message Number: 136147
"...At the bottom of the page find "Turn on SSL" with a check box next to it.  If the box is empty click on it to cause a check mark in it.

Click on the "Save" button near the top of the page and you're done."

Quote
Alex Rutchka, SE #4 '05 MB

 Thanks for this tip, Alex. In all the years I've used Yahoo mail, SSL has never been turned on. Also, I upgraded to the latest free Yahoo mail format.

Chris
Formerly: 2002 30' IB
Re: Fixing a Yahoo mail vulnerability.
Reply #6
Yahoo Message Number: 136148
OK, thanks, Paul.  I have my GMail set to "https."  They do have an option you can select for "http," but I don't know why anyone would do that.
 However, I don't read and respond to my email at the GMail website; instead, I download it, read it, and respond using Windows Live Mail.  I'm assuming the protection provided by the "https" over on the GMail site doesn't extend to the Windows Live Mail software...?   Under "Properties" on Windows Live Mail under Security (the little @ sign with the check mark in the upper most left hand corner), there are two places where you can fill in information: Signing Certificate and Encrypting Preferences.  I have no idea what to put in either box or which "aglorithm" to select.  I assume completing these would do something similar to what Alex was talking about with SSL in Yahoo Mail?  What would I put in those boxes?
 Since this is not LD related, please respond privately to me at elh3946 AT gmail DOT com.

Thanks.

Linda Hylton http://earl-linda.blogspot.com
Linda Hylton
Re: Fixing a Yahoo mail vulnerability.
Reply #7
Yahoo Message Number: 136150
I have had to tell many people to change their Yahoo password.
Now there is a fix too!

Thanks

[Non-text portions of this message have been removed]
 
Re: Fixing a Yahoo mail vulnerability.
Reply #8
Yahoo Message Number: 136157
Quote
I have noted that some of us have had their Yahoo emails hacked ...
... the bottom of the page find "Turn on SSL" with a check box next to it.  If the box is empty click on it to cause a check mark in it.
 Click on the "Save" button near the top of the page and you're done.

Alex Rutchka, SE #4 '05 MB
Alex, Thanks.  Task complete.
Currently: 2008 36' Tiffin Open Road
Previously: 2007 Mid Bath