Last month, Yahoo announced an username recycling program designed to retire some of its decades worth of inactive accounts so that new, active users might be able to be claim [email protected] rather than settling for a less comprehensible [email protected]
As promised, the company has sent messages to dormant accounts (those which have not logged-in to any Yahoo products in the previous 12 months) to confirm their inactiveness. Those who did not respond have had their usernames thrown into a pool of available handles. New users in search of a simpler username can put their top five picks for desired username at wishlist.yahoo.com.
According to a post on Yahoo's official tumblr (that still sounds weird!), users will receive an email sometime in "mid-August" letting them know notifying them if they were the first in line to claim an available username along with a link to claim it within 48 hours.
I put in my bid for "bradpitt," "barackobama," "whitehouse," "evan," and "marissamayerceo," this morning. Wish me luck!
Keep it secure
The company's plan was the target of criticisms about protecting the security of the unused accounts, some of which may be--despite being long forgotten to their users--the primary email for still active social media or financial sites. In response, Yahoo has implemented a Require-Reicipent-Valid-Since header with e-commerce and social networking sites. As they describe it on their developer's site:
If a Facebook user with a Yahoo! email account submits a request to reset their password, Facebook would add the Require-Recipient-Valid-Since header to the reset email, and the new header would signal to Yahoo! to check the age of the account before delivering the mail. Facebook users typically confirm their email when they sign up for the service or add new emails to their account, and if the "last confirmed" date that Facebook specifies in the Require-Recipient-Valid-Since header is before the date of the new Yahoo! username ownership, then the email will not be delivered and will instead bounce back to Facebook, who will then contact the user by other means.
While the new security measure may be of some relief to lapsed Yahoo users, it's a good idea to keep on top of what emails your social networks, e-commerce, and financial sites have in records, regardless.