Skip to main content

Yahoo recycles old user IDs with help from Facebook

Yahoo recycles old user IDs with help from Facebook

Share this story

Yahoo (STOCK)
Yahoo (STOCK)

It's been just over a month since Yahoo announced its plan to reclaim abandoned usernames, and met with an immediate outcry over privacy concerns. What if you used your Yahoo email as a password reset? Was Yahoo making life easy for identity thieves? Now, the company's finally going public with details of how it plans to protect users from data theft.

The big news is a header system that would signal email providers to check the age of the account before delivering the mail. It's a way to stop email that's meant for the previous owner of the email address. In a post describing the system, Yahoo's Bill Mills described an e-commerce site dropping it into their email reset message: if the Yahoo email has been reset since the e-commerce account was created, then the email won't go through. If enough services sign on, it will mean tying each Yahoo account to the date it was created — and stopping any emails that go through from accounts that are older.

"We don't expect every company and provider out there to adopt this."

It's a strong system, but it needs cooperation from both sides to work, so Yahoo is going to spend the next month reaching out to various networks and mailing lists to try to make their header the industry standard. "We don't expect every company and provider out there to adopt this," said Dylan Casey, senior director of platforms at Yahoo, "but hopefully we can push the industry in this direction." The company has already filed a paper with the Internet Engineer Task Force as a way to give the idea broader credibility. More importantly, Yahoo has enlisted one of the biggest forces in online identity: Facebook. According to the team, Facebook reached out to Yahoo a few days after the initial announcement, offering an email header system as a potential solution. Yahoo liked the idea, and brought on Facebook as an early partner in the process.

Yahoo is also offering simpler protections, like instituting a 30-day period between when an account is deactivated and when another user can claim it. During that time, Yahoo will auto-unsubscribe the account from any mailing lists that send mail to the address. But there are still some issues that haven't been solved, like the policy of deactivating any account that's been inactive for more than a year. Some privacy advocates think that's not long enough, like Credit.com CEO and former director of the New Jersey Division of Consumer Affairs, Adam Levin. "If a scammer somehow manages to get your email information, the risk is that this person will be communicating as if they were you," says Levin. "I think one year is too short. It should be at least two years."

For Yahoo, that's a real risk, but a manageable one. According to Casey, fewer than 7 percent of the deactivated accounts have a mailbox associated with them — meaning they used some Yahoo service, but not Yahoo Mail. In exchange, the company sees a chance to revamp their whole suite of services, enticing users with shiny new handles. "There's been an increased focus in recent quarters on mail and Flickr and the homepage," Casey says, and this username switch is the first step towards bringing back users. "In order to move forward, we have to clean up our past a little."

Today’s Storystream

Feed refreshed Sep 24 Striking out

E
External Link
Emma RothSep 24
California Governor Gavin Newsom vetoes the state’s “BitLicense” law.

The bill, called the Digital Financial Assets Law, would establish a regulatory framework for companies that transact with cryptocurrency in the state, similar to New York’s BitLicense system. In a statement, Newsom says it’s “premature to lock a licensing structure” and that implementing such a program is a “costly undertaking:”

A more flexible approach is needed to ensure regulatory oversight can keep up with rapidly evolving technology and use cases, and is tailored with the proper tools to address trends and mitigate consumer harm.


A
Youtube
Andrew WebsterSep 24
Look at this Thing.

At its Tudum event today, Netflix showed off a new clip from the Tim Burton series Wednesday, which focused on a very important character: the sentient hand known as Thing. The full series starts streaming on November 23rd.


A
The Verge
Andrew WebsterSep 24
Get ready for some Netflix news.

At 1PM ET today Netflix is streaming its second annual Tudum event, where you can expect to hear news about and see trailers from its biggest franchises, including The Witcher and Bridgerton. I’ll be covering the event live alongside my colleague Charles Pulliam-Moore, and you can also watch along at the link below. There will be lots of expected names during the stream, but I have my fingers crossed for a new season of Hemlock Grove.


A
Andrew WebsterSep 24
Looking for something to do this weekend?

Why not hang out on the couch playing video games and watching TV. It’s a good time for it, with intriguing recent releases like Return to Monkey Island, Session: Skate Sim, and the Star Wars spinoff Andor. Or you could check out some of the new anime on Netflix, including Thermae Romae Novae (pictured below), which is my personal favorite time-traveling story about bathing.


A screenshot from the Netflix anime Thermae Romae Novae.
Thermae Romae Novae.
Image: Netflix
J
Twitter
Jay PetersSep 23
Twitch’s creators SVP is leaving the company.

Constance Knight, Twitch’s senior vice president of global creators, is leaving for a new opportunity, according to Bloomberg’s Cecilia D’Anastasio. Knight shared her departure with staff on the same day Twitch announced impending cuts to how much its biggest streamers will earn from subscriptions.


T
Twitter
Tom WarrenSep 23
Has the Windows 11 2022 Update made your gaming PC stutter?

Nvidia GPU owners have been complaining of stuttering and poor frame rates with the latest Windows 11 update, but thankfully there’s a fix. Nvidia has identified an issue with its GeForce Experience overlay and the Windows 11 2022 Update (22H2). A fix is available in beta from Nvidia’s website.


A
External Link
If you’re using crash detection on the iPhone 14, invest in a really good phone mount.

Motorcycle owner Douglas Sonders has a cautionary tale in Jalopnik today about the iPhone 14’s new crash detection feature. He was riding his LiveWire One motorcycle down the West Side Highway at about 60 mph when he hit a bump, causing his iPhone 14 Pro Max to fly off its handlebar mount. Soon after, his girlfriend and parents received text messages that he had been in a horrible accident, causing several hours of panic. The phone even called the police, all because it fell off the handlebars. All thanks to crash detection.

Riding a motorcycle is very dangerous, and the last thing anyone needs is to think their loved one was in a horrible crash when they weren’t. This is obviously an edge case, but it makes me wonder what other sort of false positives we see as more phones adopt this technology.


A
External Link
Ford is running out of its own Blue Oval badges.

Running out of semiconductors is one thing, but running out of your own iconic nameplates is just downright brutal. The Wall Street Journal reports badge and nameplate shortages are impacting the automaker's popular F-series pickup lineup, delaying deliveries and causing general chaos.

Some executives are even proposing a 3D printing workaround, but they didn’t feel like the substitutes would clear the bar. All in all, it's been a dreadful summer of supply chain setbacks for Ford, leading the company to reorganize its org chart to bring some sort of relief.