- Twitch-famous bounty hunter kicks down target’s door in wildly popular live stream 4 Years Ago
- New GOP bill would audit major tech companies for bias 4 Years Ago
- Instagram artist accused of faking her paintings says they’re ‘100%’ real 4 Years Ago
- Trump refuses to apologize for Central Park Five death penalty ads Today 11:08 AM
- While Rubio smiles at Trump’s campaign rally, the internet drags him Today 11:04 AM
- Dr Disrespect is still banned from Twitch. When will he be back? Today 10:36 AM
- ‘Avengers: Endgame’ is returning to theaters with new material Today 10:18 AM
- House fails to pass amendment curbing government surveillance Today 10:12 AM
- What happened when Ed Krassenstein crashed the Chapo Trap House subreddit Today 9:21 AM
- Andrew Yang comes out as pro-Bird Scooters Today 8:59 AM
- Netflix claims Adam Sandler’s ‘Murder Mystery’ broke viewing records Today 8:09 AM
- How to watch ‘Yellowstone’ online for free Today 8:00 AM
- How online allies joined a trans artist’s street art war Today 7:30 AM
- These edited videos show the dark side of your favorite cartoons Today 7:00 AM
- Coca-Cola now exists in ‘Star Wars’ canon Today 6:44 AM
Whatever you do, don’t lose your phone.
In an age where digital security and privacy are slowly becoming nonexistent, Yahoo has a new way to make your accounts even less secure.
That’s right, with Yahoo’s new “on demand” passwords, you completely ditch your password and replace it with a time-sensitive code that’s sent to your phone or tablet through an app or text message. It’s like two-step verification without the password step.
In other words, users of the “on demand” feature no longer enter their regular passwords. Instead, they simply enter the one-time code.
Because the “on demand” code is only valid for a limited time, the system theoretically removes some of the dangers of having your login credentials stolen and used to hijack your account. It also eliminates the need to create a strong password that’s hard to remember—and the tendency to use passwords that are downright horrible.
There’s just one problem.
If your phone is lost or stolen, your Yahoo account is at risk. “On demand” passwords take the first, most crucial step out of two step verification: a strong password. Yahoo’s “on demand” passwords are intended to make logging into your accounts a little convenient, but you sacrifice security in the process.
Yahoo already offers one of the best ways to secure your accounts: Two-step verification, which requires both a password and a verification code, provides an extra layer protection if your password were compromised or if your mobile device wer stolen.
While “on demand” passwords may be a step back in securing your accounts, Yahoo is making strides in the other direction: email encryption. The company announced Monday work on a system that allows users to easily use end-to-end PGP encryption, one of the most sophisticated encryption methods, through a simple browser plugin. Yahoo says the plugin will debut in the fall.
Here’s a video of the plugin in action. On the left is the traditional process for setting up PGP encryption for your email:
H/T The Verge | Illustration by Max Fleishman
Once named one of Forbes’ 20 Under 20 and hired as a staff writer for the Daily Dot when he was still a senior in high school, William Turton is a rising tech reporter focusing on information security, hacking culture, and politics. Since leaving the Daily Dot in April 2016, his work has appeared on Gizmodo, the Outline, and Vice News Tonight on HBO.