Google announced in June that it was working on a new Chrome extension to simplify end-to-end encryption and make it more accessible to average users. And Yahoo started hinting in August that it wanted to develop a similar service. Now that plan seems to be underway.
At South by Southwest on Sunday, Yahoo’s information security chief, Alex Stamos, showed a video demonstrating how quick and simple the plugin would be to use. In the demo, he pitted Yahoo’s tool against traditional end-to-end encryption setups. The Yahoo user was able to send a secure message and start browsing cat photos, while the user of the other approach was still working. The Washington Post reports that Stamos views end-to-end encryption as an option customers will want to use for their most sensitive messages—not for everything.
“What we’re trying to do at Yahoo is build our products so they’re safe and trustworthy, not just secure,” Stamos told the Post.
And the company is taking other steps to achieve this goal, too. Alongside the discussion about an end-to-end extension, Yahoo also announced a new password system called “on-demand” passwords. The feature lets Yahoo Mail users register their cellphones with their accounts so they can have short, four-character codes sent to their phones every time they want to log in.
Users don’t have one master password that can be leaked or stolen, and they need to have their phone with them to log in. The approach is sort of like the two-factor authentication that popular services already offer but with a new twist. As CNET reports, Yahoo’s vice president of product management for consumer platforms, said during Yahoo’s South by Southwest presentation, “This is the first step to eliminating passwords.”
Yahoo’s services aren’t exactly hip, but the company does have a loyal user base. And if it can deliver trustworthy security products, it may be able to lure converts.