Slashdot Mirror

← Back to Stories (view on slashdot.org)

Yahoo Mail Moves From Passwords To Push Notification Sign-Ins (tumblr.com)

Posted by timothy on from the we-think-you're-you dept.

An anonymous reader writes: A revamp of Yahoo Mail includes a new feature which eliminates the password from the sign-in process on mobile platforms, instead relying on the user's phone number as a token of authenticity. Notification-based sign-ins are a network-heavy commitment used with less frequency during some online banking authentication procedures, and by Google and others in specific events such as the need for a password reset. But Yahoo is well-motivated to improve security after a 2014 data breach led to a mass-reset of passwords for affected users.

4 of 78 comments (clear)

  1. Selling Cell Numbers to Advertisers? by Irate+Engineer · · Score: 5, Insightful

    Yahoo Mail has been my throwaway email since about forever, and I have no desire for it to be anything other than that. Yahoo is in such straights now that I would have to read the fine print about what they'll be doing with my cell number and would be very leery about handing it to them. It wouldn't surprise me if this is less a security ploy than a data-mining revenue enhancement ploy.

    --

    Left MS Windows for Linux Mint and never looked back!

    Vote for Bernie in 2016!

    1. Re:Selling Cell Numbers to Advertisers? by JustAnotherOldGuy · · Score: 4, Insightful

      I would have to read the fine print about what they'll be doing with my cell number and would be very leery about handing it to them.

      Same here, with the added caveat that "terms and conditions are subject to change". In other words, once they have it they can basically do whatever they want with it and good luck trying to stop them.

      "Sorry, didn't you read out new TOS? It explicitly states that we can now sell your phone number to the Mobile Marketing Ad Group in India and Bahrain and Brazil and Mexico and Russia and anywhere else we fucking feel like it."

      --
      Just cruising through this digital world at 33 1/3 rpm...
  2. No, No No No by JustAnotherOldGuy · · Score: 1, Insightful

    NO, I do NOT want to receive a fucking text message every time I need to login somewhere.

    Fuck you, Yahoo, it's no wonder why you have the craptastic reputation you do.

    --
    Just cruising through this digital world at 33 1/3 rpm...
  3. So essentially the phone is my security credential by QuietLagoon · · Score: 5, Insightful
    So if someone gets my phone, they can access my Yahoo accounts because all the knowledge needed to access my Yahoo accounts is contained on the phone and/or Yahoo will message it to the phone.

    .
    What am I missing? This does not sound more secure at all.