On the heels of its recent redesign, Yahoo Mail is adding a new feature many users have been requesting for years: encryption. The Washington Post revealed today that Yahoo Mail will begin using default SSL encryption for its webmail interface as of January 8th, 2014. The encryption, which protects messages sent between a user's computer and Yahoo servers, was only made available earlier this year as an option from Yahoo, although most security professionals view it as crucial for any level of privacy on the web. The move comes nearly four years after Gmail switched over to default SSL in January of 2010.
The shift comes on the heels of a Post exclusive that the NSA has been collecting millions of address books as part of their data collection efforts — and collected twice as many from Yahoo as from the other major services combined. The piece is unclear on the specific reason for this uptick but "one possibility is that Yahoo, unlike other service providers, has left connections to its users unencrypted by default." The timing is particularly unfortunate after a September leak revealed widespread NSA circumvention of SSL protections.