toggle

AAPL Stock: 121.27 ( -1.1 )

Printed from http://www.macnn.com

Apple restores 'iForgot' system, fixes password flaw

updated 10:52 pm EDT, Fri March 22, 2013

Quick response prevents any reports of actual account compromises

A security flaw exposed earlier on Friday has already been fixed, just hours after it was discovered, according to Apple. The issue, which could have allowed malicious users to hijack and lock out the legitimate owners, just by knowing the email address and exact birthdate of a victim. In response, Apple temporarily took its "iForgot" password-resetting service offline while it resolved the issue.

The process involved pasting a modified URL while answering the birthdate question on the password retrieval page, which allowed the attacker to reset the password. Ironically, the only defense against the vulnerability was to enable Apple's just-introduced two-step verification process, which adds a PIN code requirement before changing account info. The PIN code is only accessible through Find My iPhone or a text message to a pre-registered phone number.

The iForgot service was restored around 6:30PT after being down for approximately five and a half hours. Apple had been quick to respond to the issue, releasing a statement that it was aware of the problem and working on a fix shortly after iForgot was taken offline. The company's move likely prevented the exploit from being used widely -- no field reports of compromised accounts have been seen thus far.

All systems are now reported to be working properly, and the vulnerability has been closed.





by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

HP 14-x030nr 14-inch Chromebook

If you're like us, chances are you've come to realize that you need the ability to access the Internet on the go. Also, you've prob ...

15-inch MacBook Pro with Force Touch

Apple's 15-inch Retina MacBook Pro continues to be a popular notebook with professional users and prosumers looking for the ultimate ...

Typo keyboard for iPad

Following numerous legal shenanigans between Typo -- a company founded in part by Ryan Seacrest -- and the clear object of his physica ...

toggle

Most Commented