Security Week – As SecurityWeek reported, Yahoo announced this week that all Yahoo Mail communications—whether on the Web, mobile Web, mobile apps, or even via IMAP, POP and SMTP—would be encrypted by default using 2,048-bit certificates. This move will protect all the contents of emails, attachments, contacts, Calendar information, and even Messenger data, as they move between the user’s browser and Yahoo’s servers.
On the surface, the fact that Yahoo! finally enabled HTTPS encryption for all Yahoo Mail users sounds like good news. However, one security expert called the move “too little too late” and found Yahoo’s actions “quite troubling.”