What's a Yahoo Mail user to do now? Skedaddle.
The secure thing to do, and the recommendation here is simple: Ditch your Yahoo Mail account and sign up for a Gmail account with two-step verification.
Delete your Yahoo! Mail account
First order of business is copying or forwarding your Yahoo emails, saving your Yahoo contacts on your computer, and exporting your Yahoo calendar so that it can be imported to another calendar program.
Then go to the "Terminating your Yahoo Account page".
[ ALSO ON CSO: US lawmakers want answers on Yahoo email surveillance ]
You'll see a Yahoo security note on that page. If you click on it, Yahoo tells you that they've identified data security issues concerning certain Yahoo user accounts. Oh really? They go on to explain how you can stick with Yahoo Mail and protect yourself. Move on.
Sign up for a Gmail Account
Head over to gmail.com and follow the instructions to sign up for your free Gmail account.
On day one, you should turn on Gmail's two-step verification.
If you're already a Gmail user, those instructions explain how to activate two-step verification in your account.
In a nutshell, you'll have a two-step process for logging into your email. First you'll type in your login ID and password. Then you'll need to type in a second code which Gmail texts to your mobile phone each time you attempt to login.
This way, a hacker can't access your email unless they have your phone.
Once you're signed in, It's easy to disable the two-step verification for a particular computer and avoid the inconvenience of the extra step each time you login to your email. And you'll still be protected because anyone else who tries to sign into your account from another computer will need to complete the two-step verification (and they can't complete step 2 without your phone).
Now, your phone is the physical key to unlock your email account.
The technical term for Gmail's two-step verification is multi-factor authentication (MFA) which is a security system that requires something you know (your login ID and password) and something you possess (i.e. your phone) in order to gain access to a device or app.
Google isn't the only email provider to offer MFA. AOL Mail and the other popular email providers do as well. Yahoo Mail offers MFA and for anyone stuck on continuing with them, an upgrade to the two-step process is strongly recommended.
Then why switch?
Even with Yahoo Mail's MFA, switching is the safe bet.
Gmail was among the first to offer more robust authentication and security measures, such as two-step authentication, writes Brian Krebs, on his immensely popular blog ‘Krebs on Security’.
The simple logic is that Google is a safer neighborhood than Yahoo for email and social media activity. Google's been a first mover and innovator when it comes to cybersecurity, and Yahoo's been a laggard. Plus, Yahoo's been very slow in responding to hacks on their users.
It's likely that Google will remain ahead of the field in baking the latest security advances into Gmail. If you can backup all of your Yahoo data and make the switch to Gmail, then the question becomes: Why not switch?
So, get up and running on Gmail with two-step verification ASAP.