Deleting Your Yahoo Email Account? Yeah, Good Luck With That (zdnet.com)

← Back to Stories (view on slashdot.org)

Deleting Your Yahoo Email Account? Yeah, Good Luck With That (zdnet.com)

Posted by msmash on Friday February 17, 2017 @08:40AM from the not-letting-go dept.

In the wake of security breach revelations, many of you might have considered deleting your Yahoo account. Many of you might be thinking about doing so soon. Heads up, it turns out, deleting a Yahoo email account isn't as straightforward as you may have imagined, and you again have Yahoo to blame for that. From a report on ZDNet: Several Yahoo users, who last year decided to leave the service, told us that their accounts remained open for weeks or months after the company said they would be closed. David Clarke was one of those departing users, whose dormant account was slowly accumulating junk over the past few years. "This was an ancient email I had set up, had no personal data in it anymore and had a unique password," writing about his troubles on Medium. "But it's a part of my digital footprint that I no longer required and decided, given the horrible security practices going on at Yahoo, to vote with my account and have it removed." Yahoo makes the account deletion process straightforward enough, but users have to wait "in most cases... approximately 90 days" for the account to close. The company says this is to "discourage users from engaging in fraudulent activity." On day 91, Clarke logged back into his account to find that it was still active. Unbeknownst to him, logging back in simply to check would reset the clock back to zero. "Yahoo confirmed via email yesterday if you access your account it resets the timer," he told me. "So, if you login to ensure your account has been deleted and it hasn't, you have to wait at least another 90 days."

30 of 101 comments (clear)

Min score:

Reason:

Sort:

Send it an email? by MarcAuslander · 2017-02-17 08:51 · Score: 5, Interesting

I wonder if checking by seeing if an email to it bounces would "reset" the timer. Because if so, spam will keep it open forever!
1. Re:Send it an email? by ShanghaiBill · 2017-02-17 09:03 · Score: 4, Insightful
  
  I wonder if checking by seeing if an email to it bounces would "reset" the timer. Because if so, spam will keep it open forever!
  No. Receiving email does not reset the timer. But I am confused about why people care if the account is open. If they are no longer using the account, and it contains no personal information, then it is just a spam sink, wasting space on Yahoo's disk farm, but otherwise doing nothing and harming no one.
2. Re: Send it an email? by Anonymous Coward · 2017-02-17 09:11 · Score: 5, Interesting
  
  Also note that e-mail accounts never die.
  They just can not really die and disappear.
  If it was possible, then after disappearance,
  someone else could create the exact same
  named email-account, and appear to be you.
  E-mail accounts can never really go away.
3. Re:Send it an email? by Sebby · 2017-02-17 09:12 · Score: 2
  
  But I am confused about why people care if the account is open. If they are no longer using the account, and it contains no personal information, then it is just a spam sink, wasting space on Yahoo's disk farm, but otherwise doing nothing and harming no one.
  This particular user in the story doesn't care, but others will (where they do want the account to die, so it cannot be abused/accessed through future inevitable breaches). Knowing that someone else has successfully done so is valuable to know, more valuable then Yahoo's stock!
  
  --
  
  AC comments get piped to /dev/null
4. Re:Send it an email? by Stan92057 · 2017-02-17 09:29 · Score: 2
  
  Your yahoo email address is also your yahoo identity used to sign into every service they have which isn't many these days. Gone are the chat rooms, yahoo messenger probably just as dead yahoo games and so on. that may be why they care, seems dumb to be but its the world we live in today...i have a few old yahoo email addresses i closed never looked back made sure nothing was in them before i did though.
  
  --
  Jack of all trades,master of none
5. Re:Send it an email? by taustin · 2017-02-17 09:40 · Score: 2
  
  Ever tell someone that you've changed email addresses, and they just won't stop using the old one? If they don't eventually get bounce messages, they will never switch to the new one.
  (Personally, I consider these people too stupid to email me, but it bothers some.)
6. Re:Send it an email? by AK+Marc · 2017-02-17 09:52 · Score: 2
  
  But I am confused about why people care if the account is open.
  They had the account for years. It has some personal or sensitive data in it. Yahoo keeps getting haked. So delete the account and keep your data safe (by losing it forever). Except you can't keep the data out of the hands of the hackers. By design.
  
  Do you have a better idea now of why someone would want an account on an insecure provider more secure?
  
  --
  Learn to love Alaska
7. Re: Send it an email? by Hognoxious · 2017-02-17 10:19 · Score: 5, Funny
  
  Worst haiku ever!
  
  --
  Confucius say, "Find worm in apple - bad. Find half a worm - worse."
8. Re:Send it an email? by war4peace · 2017-02-17 10:28 · Score: 2
  
  Um, no.
  The e-mail address can be parked, in other words marked as inactive. All e-mails sent to it would bounce as if it doesn't exist, and all attempts to create an identical one would fail as if it does exist.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
9. Re: Send it an email? by shumacher · 2017-02-17 11:25 · Score: 2
  
  Yeah, actually.
  Yahoo’s Very Bad Idea to Release Email Addresses | WIRED
10. Re:Send it an email? by ShanghaiBill · 2017-02-17 11:30 · Score: 2
  
  They had the account for years. It has some personal or sensitive data in it.
  Then delete the personal and sensitive data. That doesn't require closing the account, and closing the account doesn't necessarily mean affiliated data is deleted. So why should anyone care if the account is closed?
11. Re: Send it an email? by citylivin · 2017-02-17 11:41 · Score: 2
  
  What kind of BS is this? ISPs do reassign email accounts. What you say may be true for yahoo, but most ISP provided email, once its deleted, its deleted and someone else can re register it. Its really up to you to change your contacts and let them know about the switch. Email was never designed to be a secure medium and has no identity matching at all.
  Perhaps web mail companies are different, but they surely do not represent all mail servers out there.
  
  --
  As a potential lottery winner, I totally support tax cuts for the wealthy
12. Re: Send it an email? by mrbester · 2017-02-17 11:58 · Score: 2
  
  Funnily enough (no, not really), I can't delete my Yahoo! account or even set it dormant because my ISP (BT) had / has an agreement with Yahoo! to provide email for domestic users going back to the end of the 90s. Even though my primary contact registered with BT hasn't been this address for well over a decade, because it was the original I signed up with it can't be deactivated because reasons.
  The "don't log in for 90 days" trick doesn't work with this account. I hadn't accessed it in five years. Fortunately I'd set all mail to be marked as spam (if it wasn't already) before I left it alone all those years and the size of that folder was astonishing.
  
  --
  "Wait. Something's happening. It's opening up! My God, it's full of apricots!"
13. Re: Send it an email? by Anonymous Coward · 2017-02-17 12:17 · Score: 3, Informative
  
  Also note that e-mail accounts never die.
  They just can not really die and disappear.
  If it was possible, then after disappearance,
  someone else could create the exact same
  named email-account, and appear to be you.
  E-mail accounts can never really go away.
  Burma Shave.
14. Re: Send it an email? by Sarten-X · 2017-02-17 13:09 · Score: 2
  
  So... They're just like post office boxes, on which the system was modeled, or street addresses. In both of those cases, someone else can get your address after you leave and communicate in your name!
  While getting your own domain is significantly easier than getting your own post office or private street, the effect is still the same. Those are the only ways to reliably use their respective addresses as identities.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
15. Re: Send it an email? by Alumoi · 2017-02-17 21:20 · Score: 2
  
  If you aren't paying for the service, you are the product, not the customer. Expect to be SOLD
  And if you're paying for the service, you are the idiot product who pays for having his information being sold.
I heard worse... by XSportSeeker · 2017-02-17 08:54 · Score: 4, Insightful

Though I have no way of confirming this nor I know if it's completely true, but I heard that it's not a good idea deleting your account at all.
The reasoning is that once your account gets completely deleted, it becomes available once again for whoever gets it, so it could end up in impersonation if it was an account that you used frequently.
I've kept mine but ceased all activities on it and deleted everything in there, while also replacing my password with a 20+ alphanumeric random thing.
1. Re:I heard worse... by Just+Some+Guy · 2017-02-17 09:13 · Score: 4, Informative
  
  I linked this elsewhere, but again to make sure it gets seen: yes, purge your account of all data, but don't delete it because Yahoo reserves the right to give your old address so someone else.
  
  --
  Dewey, what part of this looks like authorities should be involved?
2. Re:I heard worse... by The-Ixian · 2017-02-17 09:35 · Score: 2
  
  Yeah, I just set an extremely long and random password, set up 2FA and made sure the account wasn't used anywhere else as a secondary e-mail. Then I promptly "forgot" all the information.
  I doubt anyone will ever be able to log in again... and if Yahoo wants to hold a ton of spam... well, that's on them.
  
  --
  My eyes reflect the stars and a smile lights up my face.
It's all about the merger by mccrew · 2017-02-17 09:03 · Score: 4, Informative

The merger with Verizon got in real trouble with the latest round of security revelations. While there are good reasons to have a delayed delete, this may be a case of keeping the active user count artificially high in order to keep the merger on track. The whole goal of the merger is to get access to (what remains of) the Y! user base, and letting everyone get away before the it closes just devalues the deal and makes Verizon look like a chump.

--
Hey, Windows users, there is no such thing as "forward" slash, there is only slash and backslash.
1. Re:It's all about the merger by Hognoxious · 2017-02-17 10:24 · Score: 4, Funny
  
  I should of stayed for the free classes
  Your 100% wright their.
  
  --
  Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Why were the accounts around to begin with? by Kergan · 2017-02-17 09:03 · Score: 2

According to their Help articles they purge inactive accounts anyway:
https://help.yahoo.com/kb/SLN2...
1. Re:Why were the accounts around to begin with? by The-Ixian · 2017-02-17 09:54 · Score: 2
  
  I somehow doubt that Yahoo would still have over 1 billion accounts to be compromised if this was actually happening.
  
  --
  My eyes reflect the stars and a smile lights up my face.
2. Re:Why were the accounts around to begin with? by Sarten-X · 2017-02-17 14:14 · Score: 2
  
  Yeah... I call bullshit.
  I had an old Yahoo account that has definitely been inactive for over 5 years. I just tried to log in, and it tried to send a validation code (good?) to a Hotmail address that I haven't used in even longer than that. That Hotmail account appears to have been properly deleted and re-registered (by someone whose security questions are in a different language than I would have used).
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
Facebook has the exact same policy by gQuigs · 2017-02-17 09:05 · Score: 4, Informative

If you try logging in you reset the counter.
https://www.facebook.com/help/...
Because those accounts are assets. by mmell · 2017-02-17 09:06 · Score: 4, Informative

Yahoo has a vested interest in making sure they're serving as many email accounts and hosting as many web pages as possible. They all represent resources, and that's important when it comes to reselling a business unit or the entire company.
I've repeatedly pointed out that they seem to ignore emails to "abuse@yahoo.com", and if you're a non-Yahoo recipient of spam from the Yahoo domain you have to surf out to this incredibly complex URL, manually separate the message header from the body and solve a CAPTCHA to report it. They may not be getting paid directly by the spammers, but the web traffic a spammer creates to use a compromised account web page to kick off a PHP-based spam campaign from Yahoo's email domain looks good on the books. It's evidence that Yahoo's hosted web servers and Yahoo's hosted email solution are heavily used and relevant. The fact that they aren't really something Yahoo can monetize doesn't get mentioned, just "Hey, look how relevant we are!".
You know, Hotmail (and presumably Live email) also impose a "ninety day cooloff" period on account cancellations. Hotmail/Live at least accept and act on emails sent to their abuse address, while Yahoo doesn't.
Do NOT delete your account! It's a security risk! by Just+Some+Guy · 2017-02-17 09:07 · Score: 4, Informative

Yahoo re-issues email addresses after they've been deleted. Are you absolutely 100% certain you haven't used that account as the password reset address for anything else? If so, go ahead (so long as you don't mind someone else having your username). If there's any chance at all that your old Yahoo address's new owner could reset your Facebook password, for instance, then purge your Yahoo account instead.
Yes, everything to do with Yahoo is a travesty. Why do you ask?

--
Dewey, what part of this looks like authorities should be involved?
Re:or... by Hognoxious · 2017-02-17 09:34 · Score: 2

Just check its twitter feed.

--
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Schrodinger's email by mspohr · 2017-02-17 09:43 · Score: 4, Funny

It's there... and it's not... but don't look.

--
I don't read your sig. Why are you reading mine?
This is par for the course... by ctilsie242 · 2017-02-17 09:54 · Score: 4, Informative

This isn't just Yahoo... Facebook does similar, and I wouldn't be surprised that other sites do the same thing. The info they have on you is an asset.