Yahoo!

Yahoo has recently been in the news again lately due to yet another problem with data breaches. Having a Yahoo account, this Victor crew member has received an email from Yahoo about it.
Yahoo Email
In this message, they tell me that they are investigating the creation of forged cookies. They say they are taking steps to secure accounts. They say this forged cookie may have been created in 2015 or 2016 and they believe it to be connected to the September 22, 2016 data theft. They also give some actions you can take.

They suggest using a Yahoo Account Key which is something we will investigate ourselves at a later time. This user is on the verge of dismissing this account altogether although it was my first email created back in the 90s. I have added 2-step verification as well as changed the password.

Yahoo Email
Another email as a reminder from Yahoo states a reminder to secure to secure the account. They suggest updating to the Yahoo Mail app on android or iOS. They suggest to turn off insecure apps.

Yahoo Email
As I logged into the account after the above emails, there was a link to update security settings to block apps with less secure login. I am not sure what this entails yet, but will let you know when I find out.

Password security

The Victor crew has written about passwords several times in the past. Here is an older article that can stand the test of time regarding security and passwords: http://www.wired.com/2012/11/ff-mat-honan-password-hacker/. Even though this was about 3 1/2 years ago, the knowledge and wisdom Mat imparts is timeless.

Through these years, there hasn’t been much more change to secure passwords. You should probably consider what is called 2-step or 2-factor verification to secure your most used sites like Apple or Google. You can also get it for Facebook, twitter and other sites.

What you will need to do is make sure they have a phone number that they can send a verification code to. Then you will put use this code to register this device. You won’t be asked for this code again once the device is registered.