Fixing a Yahoo mail vulnerability. January 10, 2013, 04:41:34 pm Yahoo Message Number: 136140I have noted that some of us have had their Yahoo emails hacked and then the rest of us are subjected to spam messages directing us to malicious web sites. Some of this can be avoided by making sure that our access to Yahoo mail can not be easily subjected to eavesdropping on a public Wi-Fi network. Unless you do something, your email client will send your Yahoo password to the Yahoo Mail server "in the clear" (i.e. simple to read). The hacker eavesdropper will have all they need to use your Yahoo email account. This dialog between your machine and the Yahoo Mail server can be encrypted (i.e. made next to impossible to read) if you tell Yahoo to use SSL. (GEEK NOTE: SSL stands for Secure Session Layer). Unfortunately Yahoo Mail, by default, does not select the use of SSL. But, you can get your Yahoo Mail to use the SSL option.Here's how to protect yourself: Go to your Yahoo Mail web page. If you don't know how to get there, go to this groups Yahoo page (or if this is an email, see first "visit your group" Yahoo link below). NOTE: If it's been a while, you may need to log in to Yahoo. At the group site, click on the Envelope Icon by the word Mail at the top right of the web page. You should now be at your Yahoo Mail web page. {I should also note here that you need to be using the latest *free* version of Yahoo Mail for this to work. Old Yahoo Mail versions don't have this SSL option. Upgrade yourself to the newest *free* Yahoo Mail version if you have to. It does not change anything on your machine it only changes what Yahoo does for you at their end.} Click on the Gear Icon at the top right and then "Mail Options" of the pop-up menu. You will be on the Options page. At the bottom of the page find "Turn on SSL" with a check box next to it. If the box is empty click on it to cause a check mark in it. Click on the "Save" button near the top of the page and you're done.Alex Rutchka, SE #4 '05 MB
Re: Fixing a Yahoo mail vulnerability. Reply #1 – January 10, 2013, 05:01:43 pm Yahoo Message Number: 136141Alex, some of us don't use Yahoo Mail (and I note you use GMail for this group). Do you know if there's something similar for GMail, or is it automatically set up SSL?Linda Hylton http://earl-linda.blogspot.com
Re: Fixing a Yahoo mail vulnerability. Reply #2 – January 10, 2013, 05:09:45 pm Yahoo Message Number: 136142"Alex" wrote:QuoteHere's how to protect yourself: --- Thanks, Alex! ;-)Joan
Re: Fixing a Yahoo mail vulnerability. Reply #3 – January 10, 2013, 06:23:06 pm Yahoo Message Number: 136143At least with the Chrome browser, Gmail uses https by default.best, paul"When you arise in the morning, think of****what a precious privilege it is to be alive...****to breathe, to think, to enjoy, to love."********~ Marcus AureliusAlex, some of us don't use Yahoo Mail (and I note you use GMail for this Quotegroup). Do you know if there's something similar for GMail, or is it automatically set up SSL? [Non-text portions of this message have been removed]
Re: Fixing a Yahoo mail vulnerability. Reply #4 – January 10, 2013, 08:06:59 pm Yahoo Message Number: 136145Linda, From what I've read, both Gmail and Hotmail use SSL to protect your access to email servers. Paul Smith comment corroborates that about Gmail.Alex Rutchka, SE #4 '05 MB
Re: Fixing a Yahoo mail vulnerability. Reply #5 – January 11, 2013, 08:58:04 am Yahoo Message Number: 136147"...At the bottom of the page find "Turn on SSL" with a check box next to it. If the box is empty click on it to cause a check mark in it.Click on the "Save" button near the top of the page and you're done."Quote Alex Rutchka, SE #4 '05 MB Thanks for this tip, Alex. In all the years I've used Yahoo mail, SSL has never been turned on. Also, I upgraded to the latest free Yahoo mail format.Chris
Re: Fixing a Yahoo mail vulnerability. Reply #6 – January 11, 2013, 09:00:02 am Yahoo Message Number: 136148OK, thanks, Paul. I have my GMail set to "https." They do have an option you can select for "http," but I don't know why anyone would do that. However, I don't read and respond to my email at the GMail website; instead, I download it, read it, and respond using Windows Live Mail. I'm assuming the protection provided by the "https" over on the GMail site doesn't extend to the Windows Live Mail software...? Under "Properties" on Windows Live Mail under Security (the little @ sign with the check mark in the upper most left hand corner), there are two places where you can fill in information: Signing Certificate and Encrypting Preferences. I have no idea what to put in either box or which "aglorithm" to select. I assume completing these would do something similar to what Alex was talking about with SSL in Yahoo Mail? What would I put in those boxes? Since this is not LD related, please respond privately to me at elh3946 AT gmail DOT com.Thanks.Linda Hylton http://earl-linda.blogspot.com
Re: Fixing a Yahoo mail vulnerability. Reply #7 – January 11, 2013, 11:45:50 am Yahoo Message Number: 136150I have had to tell many people to change their Yahoo password. Now there is a fix too!Thanks[Non-text portions of this message have been removed]
Re: Fixing a Yahoo mail vulnerability. Reply #8 – January 11, 2013, 02:44:42 pm Yahoo Message Number: 136157Quote I have noted that some of us have had their Yahoo emails hacked ... ... the bottom of the page find "Turn on SSL" with a check box next to it. If the box is empty click on it to cause a check mark in it. Click on the "Save" button near the top of the page and you're done.Alex Rutchka, SE #4 '05 MB Alex, Thanks. Task complete.