• Apple Improves Security on iCloud.com by Adding Two-Factor Authentication



    Apple appears to have recently activated two-factor authentication for iCloud.com access. The move is likely a bid to secure its online consumer services while many competitors and industry influencers continue to question the company’s privacy concerns. The company’s iCloud.com portal now requires users to enter dynamically generated code which is sent to a trusted device prior to gaining access to the service.

    The Cupertino California company originally tested the extra layer of iCloud.com security in June, which happened to be roughly over one year after the company first introduced Apple ID accounts back in 2013. When used, iCloud.com two-step verification asks users who log in to provide both a password and a four-digit code, the latter of which is sent to a “trusted device” via text, iMessage or push notification.

    Apple ID owners can add and remove trusted devices through the Apple ID management webpage. Once a user has been confirmed, all of their iCloud.com assets are unlocked until the user signs out or closes their browser window. The only app left active is Find My iPhone, which allows users to remotely deactivate or wipe a trusted device that is stolen or lost.

    As of right now, the two-factor iCloud.com authentication has effectively broken various forensics tools such as ElcomSoft’s iCloud backup and password breaker programs. For those of you who didn’t know, these tools were previously used by those who wished to steal user data from others (including the hackers who recently stole photos from celebrity devices). We’ll have to wait and see if Apple’s security implementation remains secure or if someone discovers a method to bypass it, though it seems a lot more difficult to accomplish now.

    Source: AppleID, iCloud via AppleInsider
    This article was originally published in forum thread: Apple Improves Security on iCloud.com by Adding Two-Factor Authentication started by Akshay Masand View original post
    Comments 3 Comments
    1. ProfessorJack's Avatar
      ProfessorJack -
      i put this up a few days ago about the 2 stage password Authentication
      most of you thought i was from another planet
      and making out there is nothing wrong with the cloud

      as Mr cook sad him self there are a lot of BAD people around
      I'm glad I'm not one of them
      it had payed off my on slot with apple staff about this now I'm happy not just for me but for all of you
      when people who don't have this set up and there is a lot of you that don't
      you can link it to your phone pod pad you get a text message with a 4 digit code
      that just one way of running it
      one are is the KeyChain to tune it on you can have a another 4 digit code which will be different from the one above
      because the first one is generated buy apple during the set up you will set a personal 4 digit code this is linked to your apple ID and apple password

      take it easy all
    1. nakedcrook's Avatar
      nakedcrook -
      Google services have been offering this for a long time now. Just another example of Apple playing catch-up, as well as another example of Apple only giving something to the customer when they (Apple) seems to think that the customer should have it.

      Hey, Apple campers...don't worry about December 31st 2012...the world will NOT END. Do not worry. Things are looking pretty good here, in 2014.
    1. RoloDiva13's Avatar
      RoloDiva13 -
      Just great. I hope they give us the option to turn this off for those of us who don't use the same pw for everything and are not r3tards who put our nekkid pics up in The Cloud.
  • Connect With Us

  • Twitter Box

  • Facebook