Apple has confirmed that it is suspending the over-the-phone Apple ID reset procedure with Wired after writer Mat Honan had his iCloud account hacked via some clever social engineering. A temporary suspension was rumored yesterday, but the confirmation came via an Apple representative today.
Spokesperson Natalie Kerris had this to say:
We’ve temporarily suspended the ability to reset AppleID passwords over the phone. We’re asking customers who need to reset their password to continue to use our online iForgot system (iforgot.apple.com).
Apple also says that when the phone resets of passwords resume, customers will have to provide “even stronger” identity verification in order to reset their password. This was mirrored by a Bloomberg report which says that Apple will strengthen its security procedures for phone resets.
Honan’s account is well worth a read, if only for the shock value of how easy it was to gain access to his account and how Amazon figured into the hack. Honan’s Gmail account was a part of the process as well, leading to our recommendation that you turn on two-factor authentication on any account you own. For more information on how to do that, read here.
Image Credit: Thomas Kramer