Apple Fixed The Security Hole That Let Anyone Change Your Password With Just Your Email And Birthday

Business Insider

Apple has restored its "iForgot" Apple ID password reset page after discovering a bug that let anyone change your passwords as long as they had your email address and birthday.

The Verge first wrote about the security hole, and Apple quickly took down the password reset page so it could fix the flaw. 

Your Apple ID is the login you use to access iTunes and purchase music, videos, and apps. Millions of people have their credit card information tied to their Apple ID.

The flaw came to light a day after Apple enabled two-step verification for Apple ID logins. That means users have the options to receive a text message with a second unique password every time they want to log in. The process makes it more difficult for hackers to access your account because they'd need your cell phone too.

You can set up two-step verification for your Apple ID here.



More From Business Insider

Rates

View Comments (8)