Major security risk for Apple ID and iCloud users

Hackers could reset your password with just your e-mail and DOB

Security risk detected for Apple users personal accounts. Hackers could gain access to an account by resetting the password needing only your e-mail and date of birth.

Apple finally implemented a two-step authentication earlier this week for added protection to user's Apple ID and iCloud accounts. Following the announcement comes the warning from The Verge that a security hole can leave your account vulnerable for attack.

Customers who haven't enabled the new feature are offering hackers the opportunity to change your password with just your date of birth and email address.

Although the two-step authentication feature was rolled out to improve security, a lot of Apple customers are unable to sign up to it being shafted by a 3-day waiting time.

A solution has been offered for customers unable to change their account authentication process. For added protection whilst waiting, log-in and change your date of birth to a fake date that no-one else will know.

To adjust details on your account; log-in, head to Account Settings and scroll to the bottom of the page for Password and Security.

Users outside the UK, US, Australia, Ireland and New Zealand cannot utilise the new security measure yet as it has not become available.

'The exploit involves pasting in a modified URL whilst answering the DOB security question on Apple's iForgot page,' The Verge reports.

Recent updates suggest that Apple are attempting to tackle the problem by shutting down the password reset tool.

The move to the new feature was a bid to bring Apple's online security inline with company's such as Google and Facebook.

For instructions on the new two-step authentication click here.

Source: The Verge

Tags