How to secure your Yahoo account with second sign-in and App Passwords
Two factor authentication is all the rage. Google has done it, as has Facebook and LinkedIn. Yahoo is getting in on the action with a couple of security features -- second sign-in verification and App Password.
Second sign-in verification works much as you would expect any similar service to work. Whenever a login is attempted from an unrecognized device, you'll be prompted to enter a code that will be sent to your mobile.
It might seem like an awkward step, but when you think about the amount of personal data that you keep stored in your account, it really does make sense. So here's how you get setup and make sure your Yahoo account is as secure as possible; you'll need to have your mobile phone at hand.
Head over to the Yahoo website, sign into your account and then go to "Account Settings". From here, choose the option to edit your "Account Info" and then click the "Set up your second sign-in verification" link.
Click the "Get Started" button and then either ensure that the phone number associated with your account is correct, or run through the process of adding your current mobile number. A code will be sent out to your phone via SMS and you'll need to enter this and click OK.
There are a number of third-party apps that are not compatible with second sign-in (including, oddly, some Yahoo apps), and this is where App Passwords is needed. Having configured second sign-in you'll immediately be prompted to set up this alternative security feature.
Click the "Generate password" button to get started.
Enter the name of the app for which you need a password and click "Generate Password".
You'll then be provided with a (fairly lengthy) password that you'll need to enter in the app -- thankfully this only needs to be done once, and it replaces any password that you currently use to access other areas of your account.
Any time you need to add a new app, just head to the settings page of your Yahoo account and click the "Manage your app passwords" link.
Should you need to revoke access to an app -- such as if you lose your phone -- you can just click the "Remove" button next to any app you have configured.