I had Blackberry setup to access my yahoo email account and since yesterday I am not able to login to the Yahoo mail....is that because my Blackberry was constantly trying to access the account and eventually the account get locked up, maybe?

I haven't tried this out yet, but I will say that I love yahoo's beta mail. Very good and well written site that heavily uses AJAX. I really like where yahoo is going (although I must admit I only use them for mail ;-)

I've just created a 'seal'

Then I went to test it ...
1. Sign-in at www.yahoo.com ... no seal
2. Sign-in at mail.yahoo.com ... no seal

doesnt appear to work

maybe its so new they havent implimented it on all their sites yet

Works for me. I use Yahoo Toolbar, and I am currently re-signing in, and I see my seal. I guess it's on an individual basis that it's not working.

Worked for me. I really don't see what use it is (other than having a cute little thumbnail of my dog on the sign in page) just thought I'd see if it was easy to do and/or actually worked. I did it without using yahoo tool bar also.

This has an obvious flaw. It only works if Yahoo expects you. This can be easily worked around by presenting blank username and password boxes. Yahoo can't personalize them when they don't know who you are yet, and thus those can be imitated easily.

I nice idea, but a determined phisher can create a new textbox and write the server side code for harvesting your username in under 30 minutes, which is far less time it must've taken Yahoo to implement this feature.

Not to mention it may be possible for a server to retrieve your personalized seal with a bit of work (it would have to trick the Yahoo server into thinking it's you returning... and then the Yahoo server just hands the personalized seal to the bogus server, which injects it right in the bogus page. Not sure if this is possible or not, but certainty easier than making them think you're logged in, as no password is needed).

If it uses cookies it sounds like it would keep a cookie with the yahoo username of the last known person to use that account on that computer in, which would then be sent to yahoo when you next access the page. Yahoo would then look up the personalised message/image and stick it on the page that gets returned to the browser. The image and text appear next to the login box (which are already blank) or just above it (not inside it, as I think you were suggesting).
For the server to retrieve the seal it would have to gain access to the cookie that contains the yahoo username (not sure how easy that is).

It won't work in a public system as you probably wouldn't be the last person to use the computer (assuming you have to use a shared account). They could always use a system where you put in your username and it returns the seal (AJAX?), but this would let the phishers get part of the login info (username) unless they just randomly generated a seal (something believable) that could be meaningless for whatever is entered (only you would recognise that it was your seal and not something random).

An interesting concept.

LOVE IT!

This is an excellent idea. I like it.