
Apple beefs up security for resetting passwords

Apple Inc. is beefing up security for resetting user passwords after a journalist wrote about a hack that wiped his personal data, highlighting possible weaknesses in the system protecting more than 400 million user accounts.

The company is temporarily suspending the ability to reset Apple ID passwords over the phone while it takes steps to make the procedure more secure, said Natalie Kerris, a spokeswoman for Cupertino, California-based Apple.

Mat Honan, a reporter for Wired, wrote this week that hackers gained access to his account, erasing pictures and other data from his iPhone, iPad and MacBook, after getting his password reset over the phone. The incident highlighted potential vulnerabilities in Apple ID, the credential needed for purchasing music, movies and applications from iTunes, as well as for downloading software updates and accessing content on Apple’s iCloud Web-storage service, he said.

“This system can reset a password in one of two ways: either have a password reset sent to an alternate e-mail address already on record or challenge the customer to answer security questions they had previously set up,” Kerris said. “When we resume over-the-phone password resets, customers will be required to provide even stronger identity verification to reset their password.”

In the Aug. 6 article, Honan wrote that the hackers were able to use the last four digits of his credit-card number and his home address to get a member of Apple’s tech-support staff to reset his password. He said the hackers got his credit-card information by first gaining access to his account at online retailer Amazon.com Inc.

“The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification,” Honan said in his article.

Ty Rogers, a spokesman for Seattle-based Amazon, said the company has investigated the reported exploit and closed it off. He declined to elaborate.

In addition to the Apple and Amazon accounts, the hackers took over Honan’s Twitter Inc. profile, posting racist and homophobic messages on the microblogging site, he said.
