Apple has restored its "iForgot" Apple ID password reset page after discovering a bug that let anyone change your passwords as long as they had your email address and birthday.
The Verge first wrote about the security hole, and Apple quickly took down the password reset page so it could fix the flaw.
Your Apple ID is the login you use to access iTunes and purchase music, videos, and apps. Millions of people have their credit card information tied to their Apple ID.
The flaw came to light a day after Apple enabled two-step verification for Apple ID logins. That means users have the options to receive a text message with a second unique password every time they want to log in. The process makes it more difficult for hackers to access your account because they'd need your cell phone too.
More From Business Insider