With all of the problems that Apple has had with Passcode flaws, Thursday's revelation of another security issue on the Apple iPhone 4 and Apple iPhone 5 seemed to be frustrating for iPhone owners. But things went from bad to worse on Friday when Apple announced that it was temporarily disabling iForgot due to a major security problem. iForgot allows you to reset your password for your Apple ID account.
The good news is that Apple has reinstated iForgot which means that the flaw has been repaired. The flaw had allowed someone to use a modified URL while answering the date of birth question on the iForgot page. This tricked the service into thinking that you had logged in properly and allowed the hacker to reset your password to gain control of the account, just knowing your birthdate and email address. Since this account is used to make purchases on the App Store, iBookstore and iTunes, the potential to have expensive purchases sent to someone else using your credit card was very high.
With the extermination of the flaw that caused the problem with iForgot, late Friday, Apple even added a way for users to get an extra layer of security by offering users a two-step verification process that requires you to verify your identity using one of your devices before signing in to My Apple ID to manage your account, before making a purchase on iTunes, the Apple App Store, or iBookstore using a new device, or before getting Apple ID related support from Apple. The advantage to opting for the two-step verification is that it raises the degree of safety and makes it harder for someone to access your account to make Apple ID related changes or to make unauthorized purchases. If you've opted in for the two step verification process, when you log in with your Apple ID# and password to make a purchase on iTunes (as an example), a 4 digit verification number is sent to a trusted device you own. That number will have to be entered in order to complete the log in.
Recommended Stories
Apple has fixed the bugs on iForgot
Despite the apparent corrections and fixes made by Apple, using the two step verification process will offer more security. Yes, it is more time consuming, but imagine if your identity had been lifted. And the only time you need to enter both your password and 4-digit verification number will be when signing on to your Apple ID account, or when logging in to iTunes, the App Store or iBookstore from a new device. Sounds like a good trade-off; more protection for just a little extra hassle.
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: