Protect your Yahoo! Mail account with SSL
If you are using a Yahoo Mail account you have probably noticed that the account login is using SSL but that the mail interface itself after logging in is not. You can verify that by checking the address bar of your web browser when you open the Yahoo Mail sign in page which should begin with https:// and not http://.
SSL is beneficial for the security of the connection as it encrypts the data so that attackers can't record the data flow anymore to spy on your data. It is more complicated than that but that's beyond the scope of the article.
Once you are signed in to Yahoo! Mail you will notice that the connection switches to http instead. That's bad from a security point of view, especially if you are connecting to Yahoo! Mail from public networks or wireless networks such as your school's library, a University campus or McDonalds.
If you sign in to Yahoo! Mail via a non-secure Internet connection such as a wireless network, your Yahoo! account is more vulnerable to hijacking. Non-secure networks make it easier for someone to impersonate you and gain full access to your Yahoo! account, including any sensitive data you may be storing. Enhance the security of your entire Yahoo! Mail session with HTTPS data encryption (via security socket layer, or SSL) and protect your account from hijackers and fraud.
I can't really say when Yahoo added SSL as an option to Yahoo! Mail, only that it is now available and that you can turn it on to improve the security of your connection.
Turn on SSL
Follow these easy steps to turn on SSL on Yahoo! Mail.
- Go to Yahoo! Mail and sign in to your account.
- Click on the settings icon at the top right of the screen and select Mail Options from the menu.
- Make sure you are in the General options menu, it should be the default page.
- Look under Advanced Settings for Turn on SSL.
- Check the Turn on SSL box.
- A notification pops up telling you that Yahoo! Mail needs to refresh once you hit on the save button. Refresh means that you will be signed out automatically and need to sign in again.
- Click on OK and then on Save at the top of the screen.
- Sign in again to Yahoo! Mail.
You should see a lock now in front and https in front of the web address.
You should not encounter any issues after switching to https. If you do, you can turn off SSL the very same way again. Check out this Yahoo! Help page for additional information about enabling or disabling SSL. (via)
Advertisement
Full SSL is simply unavailable for many, many Yahoo email customers — the SSL option does not appear for them.
Seems like the news got ahead of Yahoo’s implementation or it’s false PR for Yahoo.
Happy to help.
DAN – THANKS A TUN!
I was able to get Yahoo CLASSIC email back. yaHOOOOOOOOO!
But ONLY after disabling SSL and saving the change the 2nd time.
(seems it didn’t disable SSL the first time I saved – or did i save?)
However ……………
as you know and did NOT point out (thank you) I lost a capability.
Seems that (ok ok Im being, stupidly? obvious) new feature is not an option and does not exist for yahoo CLASSIC BooHOOOOOOO!
In general, get yahoo to display a “display-type” error and it will give you the option of “go back to the previous version”.
And 1 final note: Yahoo does give the option to use Yahoo CLASSIC on my iPad.
DAN’S METHOD to bring back Yahoo CLASSIC mail if you want it and don’t have the option:
“First, disable SSL (see above post). Then you can do either of the following methods:
Method 1:
Lower your screen resolution to 800×600. Reload Yahoo Mail. It will display an error message about your resolution. Click Return to Yahoo Mail Classic (do not click the “temporarily†option). If it loads the classic interface, you can now return to your normal resolution.
Method 2:
Disable javascript in your browser (google on how to do that). Reload Yahoo Mail. It will display an error message about needing javascript for the new interface. Click Return to Yahoo Mail Classic (do not click the “temporarily†option). If it loads the classic interface, you can now turn on javascript again.”
Neiter Method 1 nor Method 2 worked for me. I want my cherished Classic interface back!
@Jerry
First, disable SSL (see above post). Then you can do either of the following methods:
Method 1:
Lower your screen resolution to 800×600. Reload Yahoo Mail. It will display an error message about your resolution. Click Return to Yahoo Mail Classic (do not click the “temporarily” option). If it loads the classic interface, you can now return to your normal resolution.
Method 2:
Disable javascript in your browser (google on how to do that). Reload Yahoo Mail. It will display an error message about needing javascript for the new interface. Click Return to Yahoo Mail Classic (do not click the “temporarily” option). If it loads the classic interface, you can now turn on javascript again.
New Yahoo email https connection has forced me to attempt logging in at least 20-30 times before I see my inbox. Their https server times out (IE cannot find server) most times. All other yahoo sites seem to be okay though. Yahoo said their engineers are working the issue but after 3 weeks…!!
>SSL
It uses TLS, and TLS supports AES.
Thanks for this Martin. I agree with many commenters here that the SSL encryption should be standard.
Uhm, cause RC4 is a stream cipher, while AES and BF are block ciphers? And SSL requires stream ciphers.
I’m kind of disappointed that they use RC4 encryption rather than AES or Blowfish.
Thanks Martin. It’s done. Super !
Thanks seemar :
“When you communicate using encryption, using the HTTPS protocol, it is very difficult for an outside party to unscramble the information that is passing over the internet and wireless networks.”
this is a very new development for yahoo! (just this week!) and only came after public pressure:
https://www.accessnow.org/blog/2013/01/04/yahoo-bolsters-privacy-with-global-https-support
Thanks for this and all the best in the new year.
Incomplete or wrong information again. It would have helped if you had done some research first and added that it may not apply to Yahoo! classic and that it may also depend on browser settings.
I can no longer find the classic mail option on my yahoo accounts.
How can I now switch back to classic mail?
Thank you.
Hmmm… mine’s not on as default. And I actually pay for a premium account.
It’s done, thanks
I think they didn’t make SSL available to Classic Mode because that type of interface is not supported by Yahoo! anymore. I also use Classic interface for the Yahoo! account that I have, and I think that the lack of SSL support for it a mistake.
This doesn’t work with “Yahoo! Mail Classic”. If you turn on SSL, you can’t revert back to Classic. Classic is still my favorite interface. It works with all browsers, even old ones.
Dan thanks for letting us know about the limitation. I find it strange that they have not made this available for Classic as well.
This should be ON by default.
Agreed.