Yahoo To Open Up Email Authentication

Aditi.Tuteja writes, "Yahoo has announced it will give away the browser-based authentication used in its email service, considered to be the company's 'crown jewels.' Yahoo made the announcement ahead of a 24-hour 'Yahoo Hack Day,' where it had invited more than 500 mostly youthful outside programmers to build new applications using Yahoo services. Considering the different needs of its huge user base (257 million people use Yahoo Mail), Yahoo has decided it can't build or buy enough innovation, so they are enlisting the worldwide developer community." The code will be released late in 2006. Yahoo notes that there are 'no security risks' since they keep absolute control of usernames and passwords.

Good for Yahoo

[lewp]

In their struggle to maintain relevance in the face of Google, Yahoo has really done a complete 180 from the days when their main service was a manually-reviewed index of websites. They've had the good sense to keep their noses out of (e.g. Flickr), and they've made some cool products/technologies available to the developer community for free.

Google gets all the press nowadays, but Yahoo's been pretty cool lately as well. Props!

Re:Good for Yahoo

"They've had the good sense to keep their noses out of the things they've acquired (e.g. Flickr)"

So maybe I've been drinking...

257m users.

How many of those 257 million users are spambots?

It seems to me like...

[RuBLed]

...social websites allowing their users to customize the css templates of their profile pages. There would surely be a few good innovations but like 70% of my friends "customized profile pages", most would visually painful enough that.. arrghhh..!! *head explodes*

'No security risk'

[SeaFox]

Yahoo notes that there are 'no security risks' since they keep absolute control of usernames and passwords.

Why does the phrase "famous last words" come to me when I hear that. I can almost imagine it being spoken by Hammond in Jurrasic Park when he's talking about how safe the attractions are and that it's impossible for the dinosaurs to breed.

I forsee an explot being developed or maybe someone will just write a new "service" that makes use of Yahoo's systems that also happens to pass the username/pass to a more nafarious author.

Remember, the tool is only as safe as the operator. AOL's search didn't even ask for people to enter their Social Security Numbers.

Re:Yahoo for yahoo.

Hiring the world to do thier work. BRILLIANT!

I really wish people wouldn't do this crap. It's not Mom and Pop's Search Engine Co. It's frigging Yahoo. If you want programmers, pay some damn programmers.

DARPA Grand Challenge, sure. Nobody's getting your crap for free when you're done. GPL, sure. They only get it if they give back. But stupid competitions like this just feed cash into the already-cash-filled pockets of corporations. Not that corporations making money is a bad thing, but we don't need to hand them more for driving down programmer wages.

It's part of a trend

[joeflies]

Microsoft's tried to own identity by offering 3rd party authentication through Passport, and now shifted towards IDCard/LiveID. Google has already opened up their authentication

Ultimately this comes down to who are users going to flock to as their primary id on the internet - and thus users will use it to log into 3rd party applications which lie outside of microsoft/google/yahoo. The bigger question, though, is how come these companies are going to "own" your id instead of federate it.

BTW, Yahoo has offered authentication services through other apps back in March.

Great, more ID theft

[192939495969798999]

So now if i login to Yahoo, every jerk with a website can read that cookie and know who i am, right?