Security → RRVS, Facebook and Yahoo work to prevent identity theft

Last year Yahoo announced the decision to reset any account that has not been used for 12 months, making them available to other users. The decision has raised several doubts for security and privacy issues, the policy chosen by Yahoo could expose users to the risk of for identity theft, let’s imagine for example that a user share the same Yahoo email with other web services, the new owner of the account could impersonate the old one and request a password reset to gain access to all the services linked to that email (i.e. Facebook).

Facebook confirmed that its concern about the security of its account linked to a recycled Yahoo account that could be taken over by a recycled Yahoo email address.

Yahoo and Facebook have worked together to overwhelm the problem, their engineers have developed an SMTP extension dubbed Require-Recipient-Valid-Since (RRVS) which inserts a timestamp in the header of an email message. The timestamp is used to indicate when Facebook last confirmed ownership of the Yahoo account....