Apple boosts security for over-the-phone password resets after hack

“Apple Inc. is beefing up security for resetting user passwords after a journalist wrote about a hack affecting his personal data, highlighting possible weaknesses in the system protecting more than 400 million user accounts,” Adam Satariano reports for Bloomberg.
“The company is temporarily suspending the ability to reset AppleID passwords over the phone while it takes steps to make the procedure more secure, said Natalie Kerris, a spokeswoman for Cupertino, California-based Apple,” Satariano reports. “‘This system can reset a password in one of two ways: either have a password reset sent to an alternate e-mail address already on record or challenge the customer to answer security questions they had previously set up,’ Kerris said. ‘When we resume over-the-phone password resets, customers will be required to provide even stronger identify verification to reset their password.’”

Satariano reports, “Mat Honan, a reporter for Wired, wrote this week… ‘The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification,’ Honan said in his article. Ty Rogers, a spokesman for Seattle-based Amazon, said the company has investigated the reported exploit and closed it off. He declined to elaborate.”


One comment on “Apple boosts security for over-the-phone password resets after hack

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s