Hacking

Yahoo’s New Email App Dumps Passwords

Yahoo on Thursday announced a password-free Yahoo Mail app that can manage email accounts from Outlook.com, Hotmail and AOL Mail.

There was no mention of syncing with Gmail or Apple’s iCloud Mail.

Yahoo has been working to improve email security in the wake of repeated hacks of the service over the years, the most prominent occurring early last year when it had to reset users’ passwords after hackers stole an undisclosed number of them.

The password-free feature may be an extension of thesecure disposable passwords capability Yahoo introduced in March.

That feature requires users to turn off two-factor authentication, and it’s not clear whether the password-free feature has the same requirement.

The new Yahoo Mail app works on desktops and mobile devices.

Fighting for Survival?

Yahoo’s move “is one of desperation in the sense that they know they have to do something to stay in the game,” said Mike Jude, a research manager atFrost & Sullivan.

“Google has this very well integrated Google environment — applications, cloud storage, Internet search services, email and so on — while Yahoo has taken the path of being a news outlet that also leverages its search capabilities for fun and profit, but it’s always been a niche kind of thing,” he told TechNewsWorld.

In July, Yahoo Mail had less than 4 percent of theglobal email client market; Gmail, 16 percent; Outlook, 8.5 percent; and Outlook.com, 4.3 percent.

A Yahoo spokesperson was not immediately available to comment.

The No-Password Feature

Yahoo Mail now has a “Yahoo Account Key” feature that does away with passwords. It uses push notifications to let users access their account.

To sign in using Account Key, users go to a Yahoo sign-in page, enter their username or email address, and click “continue.” Yahoo sends an account key generated by its servers, and users have to tap the “Yes” prompt on their devices.

The feature, which works with iOS and Android, is not tied to a device.

“Pretty much everybody is on this path of getting rid of passwords before one of them goes under because of identity theft,” said Rob Enderle, principal analyst at theEnderle Group.

“Identity theft has become a serious problem, and the level of compromise has been impressive,” he told TechNewsWorld. “The industry is worried about a catastrophe.”

Symantec warned in June that cybercriminals were using the password recovery feature offered by various email providers to hack into accounts.

The Yahoo Account Feature “will make it harder for criminal organizations to steal your identity,” Enderle said, “such as the average hacker who buys your identity off the dark Web, unless they figure out how to clone your phone.”

What Else the New, Bright Yahoo Mail Does

Yahoo Mail has new search capabilities that let users find messages, photos or attachments by tapping on the screen.

Its autosuggest capability pulls up the most likely contacts when a user enters a couple of letters of a contact’s name, and search results automatically get organized into messages, photos and attachments exchanged with that contact.

When users search by keyword, the Yahoo Mail app will make smart suggestions, drawing from messages, photos and attachments.

Users can attach photos or videos by clicking on the “+” icon on a new message. Photos and videos are scaled automatically and appear in the email. To convert a photo to a regular attachment, users can tap the “-” icon.

Long-pressing the “compose” button lets uses send themselves emails.

Security Losses at Yahoo

Yahoo this summer lost two of its top security personnel.

Chief information security officer Alex Stamos, who was behind the company’s move away from passwords, left for Facebook in June. His deputy, Ramses Martinez, who stepped up after Stamos left, departed for Apple in September.

“It’s amazing they got this [new Yahoo Mail] done,” Enderle remarked, “given they’ve lost their top two security people.”

Richard Adhikari

Richard Adhikari has written about high-tech for leading industry publications since the 1990s and wonders where it's all leading to. Will implanted RFID chips in humans be the Mark of the Beast? Will nanotech solve our coming food crisis? Does Sturgeon's Law still hold true? You can connect with Richard on Google+.

2 Comments

  • Richard, you missed a key blunder by Yahoo Mail.

    Folks without mobile devices [ many of us retirees ] are excluded. Expats living abroad cannot phone their 1-800 number.

    Even Yahoo’s Help Pages’ " Contact us " button on various screens loops back to previous screen.

    No longer possible to email the yahoos at Yahoo, unless you are a business customer.

    • Hmm…this new app is supposed to work on both mobile devices and desktops, Yahoo said. That fact was reported in my piece, and it will be interesting to see if Yahoo ends up restricting it to mobile only.

      I suspect Yahoo is rolling out this feature in the U.S. first and elsewhere later. That’s pretty much the norm for all companies performing major software rollouts because they need to manage the process and avoid overloading their servers, AM ong other things.

      Keep us posted.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Richard Adhikari
More in Hacking

Technewsworld Channels