Yahoo is jumping on the SSL bandwagon to help secure their users’ email.

But whoa, whoa, Yahoo. Unfortunately, you didn’t put SSL on by default, like Google did with Gmail in January 2010.

SSL helps end-users protect their accounts from hijacking when they are connected in an unsecure network. A popular attack program is Firesheep.

If the user wants SSL protection, then you will have to do this manually, as follows:

  • Select “Options/Mail Option” on your Yahoo mail screen
  • Select “General” from the left menu
  • Check the box for “Turn on SSL”
  • Click “Save”

I’m sure Yahoo will one day put SSL on by default. But they did turn down Microsoft’s $44.6 billion bid for the company, so you never know what they’re thinking.

Bruce Morton

Bruce Morton

Bruce Morton has worked in the public key infrastructure and digital certificate industry for more than 15 years and has focused on SSL and other publicly trusted certificates since 2005. He has been an active member of the CA/Browser Forum that released guidelines for extended validation (EV) certificates and Baseline Requirements for SSL certificates. Bruce oversees the governance and compliance of Entrust’s publicly trusted PKI.