Apple temporarily halts AppleID password resets over the phone

Since the hack last week, Apple has now suspended (temporarily) password resets over the phone of AppleIDs. The reason seems to be to buy them time to figure out exactly how and why the password reset happened.

The information of the password reset being pulled comes from Wired. Amazon has already responded to the hack and has now made changes to its system so that the last 4 digits of credit cards are not visible. The reason for the change at Amazon was because the hacker managed to log in to an Amazon account, grab the last 4 digits and provide those to Apple to have a password reset on an account that didn’t belong to him.

What Matt Cutts of Google recommends is that everyone switch to two-factor authentication. What this requires is a password and a device such as a smartphone to log in. When you enter your password you receive a text with a pin code and you enter that. If you don’t pass both steps, you cannot get in. If others adopted this then hacking accounts would become more difficult.

Speak Your Mind