Yahoo Launches On-Demand Passwords

The Web giant also introduced an end-to-end encryption plugin for Yahoo Mail.

Yahoo has announced a new on-demand password service, as well as end-to-end encryption for email users.

During this week's South by Southwest festival in Austin, Texas, the Web giant unwrapped new features that it said would make users' lives a little easier and more secure.

The intuitive password option allows users to log into their account without needing to remember a long sequence of letters and numbers.

"We've all been there," Chris Stoner, director of product management, wrote in a blog entry. "You're logging into your email and you panic because you've forgotten your password. After racking your brain for what feels like hours, it finally comes to you. Phew!"

Yahoo's new authentication option aims to eliminate that scenario. Just sign into your Yahoo.com account (assuming you remember your passcode), then click on your name on the top right corner of the account info page.

Select "Security" in the left-hand bar, then tap "on-demand passwords" to opt in. Enter your phone number, and Yahoo will send a verification code. Type that cipher in next time you log on, rinse, and repeat.

The service is available now to Yahoo subscribers in the United States. Also new is an end-to-end encryption plugin for Yahoo Mail, which Yahoo chief information security officer Alex Stamos blogged about and demonstrated at SXSW this week.

"While at this stage we're rolling out the source code for feedback from the wider security industry, our goal is to provide an intuitive e2e encryption solution for all users by the end of the year," Stamos said.

The first Yahoo-specific e2e encryption plug-in source code is available now on GitHub. Yahoo encouraged other email providers to build compatible solutions and for security researchers to report vulnerabilities via the Bug Bounty program.

See the original post:
Yahoo Launches On-Demand Passwords