Yahoo! Mail introduces two factor authentication

Yahoo! Mail introduces two factor authentication

Summary: In an attempt to offer layered security to its millions of Web users, Yahoo Inc. recently announced the availability of two factor authentication for Yahoo! Mail users.

SHARE:

In an attempt to offer layered security to its millions of Web users, Yahoo Inc. recently announced the availability of two factor authentication for Yahoo! Mail users.

More on the feature:

Once the feature is turned on, any suspicious account sign-in attempt will be challenged by a second sign-in verification beyond the initial password validation. To confirm the legitimacy of the sign-in attempt, you or the hijacker will have to answer your account security question or enter a verification code that will be sent to your mobile phone. Presumably, only you, as the legitimate user, can sign in. Account hijackers will be blocked since they neither know your security answer nor possess your mobile phone.

Users who wish to active the second sign-in verification can do it through the Yahoo! Account Info page. The feature is currently available to users residing in the United States, Canada, India, and the Philippines, with the feature extending gradually to all worldwide users by March 2012.

Related posts:

Google announced the availability of two factor authentication for Gmail users in February, 2011.

Topics: Collaboration, Browser, Security, Social Enterprise

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

14 comments
Log in or register to join the discussion
  • Perhaps ZDNet will consider employing two-factor authentication.

    It would certainly elevate the quality of the TalkBacks, yes Dancho?
    Dietrich T. Schmitz *Your
  • RE: Yahoo! Mail introduces two factor authentication

    Great to see them taking security more seriously. I hope we get HTTPS soon (beyond the login).
    mttsmth
    • RE: Yahoo! Mail introduces two factor authentication

      @mttsmth
      Absolutely. The one big thing missing with Yahoo Mail is HTTPS. But, it may be too late. I know so many people whose Yahoo Mail accounts have been hacked, and many switched to the biggest fad in town, Gmail, where you are guaranteed to be spied on.
      jorjitop
      • RE: Yahoo! Mail introduces two factor authentication

        @jorjitop

        Gmail a fad? Do you know what a fad is?

        What is your basis on the spying accusation? Ads are served up on both Yahoo and Gmail the exact same way.
        anonBNET
      • RE: Yahoo! Mail introduces two factor authentication

        @anonBNET

        I think he's referring to *Google* spying on the emails, as opposed to the 3rd-party advertisers. Not the "we're storing your emails, so there's the possibility that someone might access it accidentally, or in response to a government subpoena" type, but the "We want to target our ads to you based on what you do online, so we're going to look at what you're talking about in your emails, in addition to tracking what you look for with our search engine" type.
        spdragoo@...
      • RE: Yahoo! Mail introduces two factor authentication

        @spdragoo@... Well you clearly missed the news release about how Yahoo does the exact same thing, as Yahoo has a search engine too, which does the same. If you really don't want to be "spied on" you need something like Hushmail.
        xamountofwords
  • RE: Yahoo! Mail introduces two factor authentication

    And what about those of us that do not have a mobile phone and cannot send or receive text messages????
    Anynamesleft
    • RE: Yahoo! Mail introduces two factor authentication

      @Anynamesleft Then you answer the security question.
      xamountofwords
  • RE: Yahoo! Mail introduces two factor authentication

    I view any Company wanting your cell phone number (NO matter what reason they claim it's for) VERY suspiciously. Many (most) companies SELL your number and/or other info to whomever (mostly spammers) wants to pay for it. Even your own Bank will do it. Last I've read, Yahoo could use the extra money. I suggest using a "Security question" rather than giving your cell number to receive a PIN.
    abt187@...
  • RE: Yahoo! Mail introduces two factor authentication

    nice....
    SoCash
  • RE: Yahoo! Mail introduces two factor authentication

    Two-factor authentication has overpowered the traditional method of authenticating users, such as hardware tokens which are not scalable when deployed across a large.

    To avoid online fraud need has arise to increase some more layers of security to protect your online accounts. Keeping myself updated with such trend, I activated two-factor authentication on my online accounts. The service is good however; at the time of hurry it is a bit annoying. But as far as security is concern it???s great.

    Primarily, I read about two-factor authentication method offered by http://www.telesign.com/. Their two-factor authentication works with any phone and can be easily deployed worldwide.

    Know more about their two-factor authentication product by visiting them at http://www.telesign.com/products-demos/two-factor-authentication/ and follow TeleSign at Facebook.
    LauraDeitch
  • yahoo fails as gmail did

    mobile carrier is ___NOT___ the only way to receive SMS

    I don't want them to have my my mobile number much less sms me

    I want the other factor to be XMPP

    Since they have all been busily adding XMPP (JabbeR) this ought not be a challege.

    I expect to see yahoo mail 2-factor authentication with XMPP before 2013

    xmpp: wiping out sms profits the world over

    xmpp: free, actually fast, secure, private, open standards
    smsfail
  • Yahoo! Mail introduces two factor authentication

    Some of the largest websites are starting to implement this 2FA technology, allowing their users to 'telesign' into their email accounts, social networks, online banking, etc. I definitely think this is the way of the future! As has been stated time and time again ???passwords simply aren???t enough anymore???. For me, the 30 seconds it takes to have the peace of mind that my account won't get hacked and my credit card and personal information isn't up for grabs is well worth it. I wish more organizations would start implementing 2FA.
    Bob luand
  • Yahoo does not offer this service to my country.

    Yahoo does not offer this service to my country.
    Lex Aleksandre