Got an old Yahoo email address kicking around that you haven't checked in a year or so? Better log in over the next few weeks if you'd like to keep it. Otherwise, Yahoo is going to free it up for someone else. The example it uses is letting someone claim an address of "firstname.lastname@example.org" rather than "email@example.com." It may sound like some harmless house-cleaning, but this is a "spectacularly bad idea," writes Mat Honan at Wired.
"It means that people will be able to claim Yahoo IDs and use them to take over other people’s identities via password resets and other methods," he writes. If someone has a seldom-used Yahoo account as a backup to Gmail, for example, this raises the possibility that the new owner of the Yahoo address will figure out a way into the Gmail account. Yahoo insists it will take pains to make sure that any recycled ID is safe and secure, but Honan wants the company to rethink this one. Otherwise, "this is going to lead to a social engineering gold rush come mid-July." Click for his full post.