January 7, 2013 | By Seth Schoen

Yahoo! Mail Makes HTTPS Available

We're really happy that Yahoo! is starting 2013 right by letting Yahoo! Mail users use HTTPS to access their e-mail accounts securely. (That means that, just a few days into 2013, we got one of the items on our holiday wishlist!)

EFF helped organize a coalition of human rights and press freedom organizations that sent a letter in November asking Yahoo! to take this step—one we've been advocating for a long time. Without HTTPS, anybody on a wifi network can read all the data sent to or received from a web site (for example, the full text of all the e-mail that Yahoo! Mail users sent or received). Yahoo!'s main competitors in the U.S. webmail market, Google and Microsoft, already use HTTPS on their webmail services (in Google's case, it's been the default for three years running).

For the time being, using HTTPS on Yahoo! Mail is optional and users have to enable it in their accounts. The setting to enable it is found under Options and looks like this:

If you're a Yahoo! Mail user, please take this step right away to protect your privacy when reading and writing e-mail. We'll also be looking into how HTTPS Everywhere can automatically protect users by making all access to Yahoo! Mail secure, even if users don't realize that this option exists.

Thanks to Yahoo! for taking this important step to protect its users' privacy and security. And thanks to everyone involved with our letter for helping emphasize the importance of this security measure (particularly to Front Line Defenders, the Tactical Technology Collective, and Aspiration for bringing many of us together).


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Thanks to everyone helping to expand the web of trust at tonight's Bay Area Members' Speakeasy! https://www.eff.org/event/mem...

Apr 25 @ 8:27pm

EFF's @cooperq talks to GQ magazine about the dangers of spearphishing. http://www.gq.com/story/getti...

Apr 25 @ 6:29pm

Do you use the Internet to get your message out? It's time to defend it. https://www.eff.org/deeplinks...

Apr 25 @ 5:54pm
JavaScript license information