New Apple security hole reportedly opens door wide open to resetting accounts

If you're interested in trying out Apple's new two-step ID authentication, you might want to hurry up.


Apple just introduced two-factor authentication for Apple ID accounts, and there might already be some considerable urgency for it.

Reports have been circulating on Friday that there is a new security flaw in which anyone could reset an iCloud/Apple ID account with just a date of birth and a correlating e-mail address.

Based on a report from The Verge, it really doesn't get more complicated than that and a modified URL designed to trick unaware users.

To recall , the Cupertino, Calif.-based company added the two-step option for Apple ID users to have a verification code sent to an authorized device when signing in. Apple follows Facebook and Google (not to mention a number of enterprise tech business) embracing this heightened security trend.

Thus, now seems like a primetime to set up two-factor authentication if you haven't already.

The problem is that some users are allegedly being informed that the registration process for the extra measure can't be completed for at least three days.

For now, it looks like backup option is to proceed with extreme caution when using Apple's iForgot tools.

More information about setting up two-factor authentication is available from Apple's support pages.