Loading ...
Sorry, an error occurred while loading the content.

Re: Yahoomail - Password hacking

Expand Messages
  • morac1974
    Yahoo passwords are sent via https when you log in, but after that everything is in the clear. So your Yahoo password should be safe, but that doesn t stop
    Message 1 of 3 , Apr 25, 2008
    • 0 Attachment
      Yahoo passwords are sent via https when you log in, but after that
      everything is in the clear. So your Yahoo password should be safe,
      but that doesn't stop people from reading your email or grabbing your
      login cookies after you've already logged in.

      Login cookies expire in 24 hours and which point the user would need
      to supply a password again, but 24 hours is a lot of time to fiddle
      around with your account (delete email, change your profile, etc).
      The only positive thing is that a password is always required to view
      or make account changes, so a person can't completely hijack your
      account, but they can do damage.

      Needless to say if you store any username and passwords in your Yahoo
      Mailbox, all of that would be accessible since any mail you view would
      be visible to everyone on a non-encrypted wireless network.

      This doesn't just affect wireless networks either. If you are on a
      LAN (eg: work or school network), then your Yahoo Mail is visible as well.

      That is why Yahoo mail should use https for viewing email.


      --- In Y-Mail@yahoogroups.com, John Desmond <k0tg@...> wrote:
      >
      > The real security threat is that passwords are sent in the clear.
      If you are at your favorite coffee shop using their Wi-Fi access, etc
      someone can capture your password as it flys by. Not to likely, but
      why take the chance these days. https would go a long way.
      >
      >
    Your message has been successfully submitted and would be delivered to recipients shortly.