Posted on

Apple Suspends iForgot Password Reset Page to Patch Security Hole

Apple shuts down iForgot page to address security issue

On Friday, we learned that Apple rolled out two-step authentication to allow users to better protect their accounts. Shortly after, reports started coming in about a serious vulnerability that could be exploited to reset passwords.

According to The Verge, the accounts of users could have been hijacked by anyone possessing the victim’s email address and date of birth.

Apple shut down its iForgot password reset page and immediately started working on addressing the issue.

However, while the Cupertino giant was working on the fix, the accounts of users who didn’t activate two-factor verification were at risk.

Unfortunately for some users who attempted to activate the new security measure, they were informed that it would take up to three days before two-step authentication was enabled, leaving their accounts vulnerable to hijacking.

Currently, the iForgot page has been restored. The Verge reports that the password reset exploit no longer works

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s