Ina Fried

Recent Posts by Ina Fried

Apple Blocks iForgot Password System to Deal With Security Flaw

apple_id_screenApple has temporarily taken its iForgot password system offline to prevent against a security flaw that could let someone reset another person’s Apple ID by knowing only their email and birthdate.

“Apple takes customer privacy very seriously,” the company said in a statement on Friday. “We are aware of this issue, and working on a fix.”

While iForgot has been taken offline temporarily, there are other ways to reset one’s password, including going to the Apple ID Website.

Apple is also in the process of adding the option for Apple ID users to choose a two-step verification process. The process requires users to enter an additional code, sent to an existing device, when making a purchase from a new one.

“Two-step verification is an even more robust process to ensure our users’ data remains protected,” Apple said. “We are now offering our users the choice to take advantage of this additional layer of security.”

Update: The iForgot system is back up and running and the vulnerability appears to have been closed.

Latest Video

View all videos »

Search »

I think the NSA has a job to do and we need the NSA. But as (physicist) Robert Oppenheimer said, “When you see something that is technically sweet, you go ahead and do it and argue about what to do about it only after you’ve had your technical success. That is the way it was with the atomic bomb.”

— Phil Zimmerman, PGP inventor and Silent Circle co-founder, in an interview with Om Malik