You are here

HomeBrandon Dimmel › Apple (Finally) Introduces Two-Step Authentication

Apple (Finally) Introduces Two-Step Authentication

Dennis Faas's picture
by Brandon Dimmel on March, 25 2013 at 08:03AM EDT

After a simple yet devastating hack of its security went public last August, Apple has -- just eight months later -- introduced a two-step authentication system.

Back in early August 2012, Wired.com's Mat Honan was devastated to find that hackers were able to gain access to his MacBook, iPhone, and Gmail account after easily bypassing both Apple and Amazon security systems.

Hackers Exploit Simple Security Systems

Hackers used a simple trick: they called Amazon to request a password change. When prompted by an Amazon representative, they presented Honan's name, billing address, and email address.

Once they were into his Amazon account, the hackers took the last four digits of his credit card number and contacted Apple. Because this was the only information required to access an Apple iCloud account, the hackers gained entry to Honan's MacBook and iPhone.

They then wiped everything clean.

Apple and Amazon faced loads of criticism for using such pathetic security systems to protect tens of millions of users. Now, in late March 2013, Apple has finally done something about it.

Special Code Sent to Smartphone

The company will now use a two-factor authentication system, meaning users (and hackers) must present two separate pieces of identification in order to access an account. (Source: venturebeat.com)

Specifically, Apple says it will offer users an application for their phones that sends a text message code which can be used to access an account.

All it takes for Apple users to set up two-factor authentication is a visit to the Apple ID website. After setting up an Apple ID and logging in, you'll need to click on the security tab. You'll then be prompted to identify a "trusted device" that can receive texted codes. (Source: apple.com)

Apple's decision to introduce two-factor authentication is also a response to a recently-discovered password-reset exploit that allowed hackers to gain access to accounts with just an email address and date of birth.

Apple has since patched the flaw. (Source: nbcnews.com)

Filed under:
Security
| Tags:
security systems
,
two-factor authentication
,
hackers
,
amazon
,
apple
,
account
,
access
Rate this article: 
No votes yet
Need Help? Ask!



My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).

We are BBB Accredited

We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.