Yahoo to ditch Google and Facebook signups for its own services

In 2010, Yahoo announced a deal with Facebook that would allow people to sign up to use Yahoo's services with their Facebook account. Yahoo later expanded that program to include Google accounts. This week, the company confirmed that it will slowly move away from supporting both Facebook and Google for its services.

Reuters reports that Yahoo will soon require users to get an ID directly from the company to access services. This will begin for people who use the NCAA college basketball service Yahoo Sports Tourney Pick'Em. Later, getting a Yahoo ID will be required to access other services, including the popular Flickr photo and video storage division. A spokesperson for Yahoo said the changes "will allow us to offer the best personalized experience to everyone." There is no word when the transition will be fully completed.

Yahoo has been making a number of changes since CEO Marissa Mayer came on board in 2012. That includes new additions such as buying Tumblr and launching a revamp of Yahoo Mail, not to mention a new company logo. However, the company has also shut down services such as the old search engine AltaVista and the Yahoo Axis browser plug-in since Mayer's arrival.

Source: Reuters | Yahoo image via Shutterstock 

Report a problem with article
Previous Story

Ellen's Oscar Twitter post had over 32 million views, was seen by 8.1 million people

Next Story

BlackBerry 10 smartphone owners can now use Microsoft's OneDrive

22 Comments

Commenting is disabled on this article.

This doesn't really matter as even when using oAuth to sign into a service like Yahoo via Facebook etc. you are still using a Yahoo ID in some form in order to store the app-specific details about you that the oAuth provider does not store. Although Yahoo may have badly implemented this so you are 100% reliant on the oAuth provider rather than just connecting the two and letting you sign in with either (like MySpace does) The biggest issue is that Yahoo doesn't let you create an ID without signing up for their email service too.

I can understand why Yahoo! would want to have users rely on their own services, they have stated that they no longer want to be a front for third party services. They used to be a huge unique resource, and have become a shell of their former selves. We'll see if it works out for them, hopefully for their sake they are able to propose services that have advantages over the competition, but it might be too late for them to return to their former glory.

I say this objectively, because I didn't personally make use of their services, but they did have a loyal userbase that seemed to love what they were doing. Myself, I would just hate to lose a competitor in the web service space, options are getting fewer and fewer and as that happens, service providers are losing their scruples.

You know there are legitimate reasons why a company like Yahoo might want to control their authentication mechanism. As a large company that provides international sites and services (and I don't mean just that they're accessible to anyone around the world, but that they have localized sites for multiple markets), there are numerous issues they face:

1) If an incident arises (such as a data breach or leak) they may have legal obligations to provide notice. This gets complicated when you're leveraging a third parties' mechanism. Not impossible, but complicated... especially dependent upon the market regulations in question.

2) If a breach is actively occurring you may not want notice to go out immediately, as it could compromise the investigation. Sometimes your security team may be working to try and catch the person(s) responsible instead of simply 'closing the hole'. When you don't own the authentication mechanism you don't control if/when notices go out.

3) A large number of users will still reach out to the wrong support team when they are unable to successfully sign-in. I'm sure that Yahoo Support gets plenty of people complaining that they can't get into their Yahoo service when there's a problem with Google or Facebook's mechanisms... and it doesn't help to simply say 'go talk to them'. That's a bad user experience... one where Yahoo takes the blame.

4) Continuing from the previous issue... when a user cannot remember their password, or their account has been compromised, there are quite a few who will reach out to Yahoo Support, who is unable to help them. Once again, a bad user experience that Yahoo takes the blame for (certainly from some of these people).

5) If someone closes their Facebook or Google account, or it gets closed on them for TOU violations, they may lose access to their Yahoo services... which they undoubtedly would pitch a fit over.

These are just five reasons I can quickly think of off the top of my head... I'm sure there are more. I would just suggest that their reasoning is likely based off significant consideration of issues they've been dealing with, not necessarily a simplistic attempt to tick off their user-base... implement some sort of nefarious 'power-grab' (put on your tinfoil hat at the sound of the beep)... or to destroy their business/the Internet/your life.

Monkeys4me said,
You know there are legitimate reasons why a company like Yahoo might want to control their authentication mechanism. As a large company that provides international sites and services (and I don't mean just that they're accessible to anyone around the world, but that they have localized sites for multiple markets), there are numerous issues they face:

1) If an incident arises (such as a data breach or leak) they may have legal obligations to provide notice. This gets complicated when you're leveraging a third parties' mechanism. Not impossible, but complicated... especially dependent upon the market regulations in question.

2) If a breach is actively occurring you may not want notice to go out immediately, as it could compromise the investigation. Sometimes your security team may be working to try and catch the person(s) responsible instead of simply 'closing the hole'. When you don't own the authentication mechanism you don't control if/when notices go out.

3) A large number of users will still reach out to the wrong support team when they are unable to successfully sign-in. I'm sure that Yahoo Support gets plenty of people complaining that they can't get into their Yahoo service when there's a problem with Google or Facebook's mechanisms... and it doesn't help to simply say 'go talk to them'. That's a bad user experience... one where Yahoo takes the blame.

4) Continuing from the previous issue... when a user cannot remember their password, or their account has been compromised, there are quite a few who will reach out to Yahoo Support, who is unable to help them. Once again, a bad user experience that Yahoo takes the blame for (certainly from some of these people).

5) If someone closes their Facebook or Google account, or it gets closed on them for TOU violations, they may lose access to their Yahoo services... which they undoubtedly would pitch a fit over.

These are just five reasons I can quickly think of off the top of my head... I'm sure there are more. I would just suggest that their reasoning is likely based off significant consideration of issues they've been dealing with, not necessarily a simplistic attempt to tick off their user-base... implement some sort of nefarious 'power-grab' (put on your tinfoil hat at the sound of the beep)... or to destroy their business/the Internet/your life.

All correct. Except if oAuth is properly implemented so you use the provider to quick start the sign up or login process but is connected to an account internally that you can use if you decide against the oAuth. MySpace is a good example of this.

So seriously guys what about people who log in with google? Will it not accept it after awhile or make a yahoo account? I'm going to be pissed.

It should be, or at least a similar alternative. Done right, oAuth logins add a massive ease of use bonus to a site. Stackexchange websites (Stackoverflow.com, Superuser.com, etc) have a great oAuth implementation. Click a single button to log in (assuming you're already logged into the oAuth provider), and it automatically logs you back in when you're logged into your oAuth provider (I think). No need to set up a profile or anything.

The trouble is, oAuth is a good idea, so now we've also got companies battling it out to tempt you to use their own proprietary auth mechanisms. We've got Facebook, Twitter, Google, Microsoft and soon Yahoo all looking for that sweet sweet tracking data to see what websites you're signed up to.

The result is that what was initially looking like the beginnings of a standardized authentication mechanism is now fragmented between a metric buttload of proprietary solutions.

</rant>

Melfster said,
Good job on destroying Yahoo Marissa.

Do you think she'll get a time bonus for destroying Yahoo in a timely fashion when she returns to Google?

i don't trust yahoo with my security. most people on my yahoo fantasy hockey league had unauthorized access to their accounts and had to change passwords/set-up 2 step verification because of their crappy service.

Co_Co said,
i don't trust yahoo with my security. most people on my yahoo fantasy hockey league had unauthorized access to their accounts and had to change passwords/set-up 2 step verification because of their crappy service.

I do hope you don't trust anyone with it... Always use a unique password for each and every site. Use a password manager to ensure the passwords are cryptographically strong and to give you a good idea of your digital exposure.

Shadrack said,
Damn. I use Google to login to my flickr accound.

The good news is, there are alternatives.

I really don't think Yahoo is in any position to 'force' this on consumers. Ease of access is probably one of the reasons why its popular in the first place.

But I must admit i my country Yahoo has compleetly died already. I'm not sure how things are elsewhere so maybe my perception is wrong.