I challenge Yahoo to prove their login security isn't stupid.
Stop using captchas at login. Stop sending unexpected sign in attempt e-mails. Stop sending verification codes. Just let users sign in. This security sytem has no functional use or purpose.
I challenge Yahoo to post a professionally derived probability number for one person out of 7 billion anywhere on earth picking a random other person out of 7 billion and guessing their correct password in the first attempt.
Consider a lottery: Guess 6 numbers out of 60. Consider a Yahoo password: Guess a random number of digits, upper and lowercase letters and 32 symbols (94 characters) randomly slected by one in 5 billion people? The chances are so infinitessimally small they are unworthy of consideration i.e. impossible.
The only way a person could "guess" another persons Yahoo password in the first attempt is if Yahoo itself had been compromised or the person had access to the other persons password in their home location (the only thing Yahooo allows).
So Yahoo, give us your, professionally derived probability number and explain, based on that number, why I need to do a captcha and a code to sign on from another country and how you believe you are protecting anyone from a chance likely to be less than the creation of life from a bucket of chemicals.
Your system is unfounded in logic, serves no purpose, offers no security and is a joke, an extremely annoying joke.