I think this new policy shows that Yahoo! does not realize that email addresses represent long-term identity, and 12 months of inactivity is not nearly long enough.
If you ever used a Yahoo! email to register for a website and then you forget about that email address for a year, then somebody else could get that email account, use the “remind/reset password” on said website, and become you.
From there, it doesn’t take much work to chain to your various other accounts. Mat Honan’s famous victimization followed a similar pattern — he lost control of one account and that led to his personal computer being wiped remotely.
Originally shared by Lauren Weinstein