• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

On-Demand passwords and e2e encryption source code Launched by Yahoo

March 17th, 2015 Waqas Security 0 comments
On-Demand passwords and e2e encryption source code Launched by Yahoo
Share on FacebookShare on Twitter

Yahoo made two major announcements this week regarding its security protocol. One was the launching of the new “on-demand” password service and the other was the release of Yahoo mail’s end-to-end encryption source code that is available on GitHub.

The product management director for Yahoo, Chris Stoner, explained that the company’s on-demand password service is aimed at making the logging-in procedure “less anxiety-inducing.”

Basically, users won’t have to use a pre-determined password for logging-in to their accounts but Yahoo will send them text messages containing verification code.

On-Demand passwords and e2e encryption source code Launched by Yahoo

On-Demand passwords and e2e encryption source code Launched by Yahoo

See Also: NSA hacked Google and Yahoo data centers, accessing hundreds of millions of user accounts

Evidently, this new system of logging-in into Yahoo accounts is different from the two-factor authentication process. Two-Factor process comprises of two different forms of account login which generally involve a text message password. However, the on-demand system will only rely upon one factor authentication system, according to Yahoo’s Blog Post.

This technology is definitely not new for email users and Yahoo is certainly the first one to have introduced it either. However, Yahoo’s spokesperson stated that it is “still a relatively new trend in the industry, so we’re excited to be leading on this for our users.” 

From the outlook, this phasing out of passwords appears exciting specifically to the security community. But, various professional experts have identified it’s probably security lapses. Particularly, the password program ignores the threat of mobile malware and the probability of a mobile device being compromised.

Tripwire’s director of product management, security and IT risk strategist, Tim Erlin, states that “While Yahoo is lifting the burden of remembering a password, they are maintaining a single target for compromise: your SMS messages. Malware on your phone could be used to grab those SMS messages and then have full access to your account.”

Moreover, both on-demand and two-factor authentication systems are exclusive and therefore users will be required to choose between the two.

Simultaneously, John Bradley, Ping Identity’s senior technical architect, believes that this movenwill optimize account recovery and receiving a new password every time through SMS will be more secure than via email.

Currently, only US-based users can use this feature.

Follow @HackRead | Via: Yahoo | SCMag

  • Tags
  • Password
  • Privacy
  • security
  • Yahoo
Facebook Twitter LinkedIn Pinterest
Previous article Mysterious Spy Cameras Secretly Spying on Post Office Customers in US
Next article Terrorism cannot be stopped through Mass Surveillance Tactics- Snowden
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

40
Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet
Security

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

76
Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping
Security

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

103

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us