Long a laggard when it comes to site security, Yahoo announces that it will activate SSL for all Yahoo Mail at the beginning of next year.
October 14, 2013 5:18 PM PDT
Yahoo Mail will soon get SSL, long after its competitors had implemented it.
(Credit: Screenshot by Jaymar Cabebe/CNET)
Years after Microsoft, Google, and many others made Secure Sockets Layer (SSL) security the standard for their Web mail systems, Yahoo says that it too will modernize Yahoo Mail’s security.
SSL is a cryptographic protocol that encrypts Web mail as it travels between Yahoo’s servers and your computer’s browser. Yahoo says that it will activate the protection for all Yahoo Mail users on January 8, 2014, a full year after it first offered SSL protection as an option that users had to activate on their own, reports the Washington Post.
Yahoo Mail users diss the new Gmail-like look
Yahoo’s CEO asks for another pass in Q3
Yahoo revenue down in Q3, but beats Wall Street expectations
Gates, Zuck, Dorsey chip in to teach 10M students coding
Facebook’s Sandberg, IBM’s Rometty make Fortune power list
Yahoo has lagged behind every other major competitor on instituting SSL. Microsoft has had optional SSL since 2010, with full implementation taking place over six months as it introduced Outlook.com in 2012 and then merged Hotmail and other Microsoft Web mail services into Outlook.com earlier this year.
A Yahoo spokesperson told CNET that its SSL implementation plans include the use of the tougher 2048-bit encryption, which Google switched Gmail to earlier this year, and Facebook has announced plans to adopt.
Facebook turned on SSL for all connections in July, following its debut as an option in 2011.
SSL landed on Twitter in early 2011, followed by default implementation in August 2011.
Google became the first major Web mail service to implement default SSL in 2010 and revealed that it was moving toward the next level of cryptographic protection, called Perfect Forward Secrecy, earlier this year.
While checking Web mail with SSL is considered to be more protective of privacy than Web mail without it, the NSA has found ways around it.
Updated at 2:15 p.m. on Tuesday, October 15, with encryption detail from Yahoo.