I just recently switched from Two-Step security to Two-Factor security for my Apple ID since it was needed in order for my Apple Watch to unlock my MacBook.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iOS Device Ransom Attacks Continue to Target Users in U.S. and Europe
- Thread starter MacRumors
- Start date
- Sort by reaction score
1Password, among other options, is free (for the mobile version anyway....desktop is something else) and IMO pretty convenient. You may have to open an app to retrieve a password....but it beats having to remember (in my case) 70+ passwords.
[doublepost=1468000164][/doublepost]
That second one about security questions is really bothersome to me.....it seems 3/4 of the time when you select questions from a preset list that they are normally questions that would be easy for someone to dig up info on if they wanted to badly enough.
Enable 2 factor authentication. Problem solved.
If your AppleID is breached, wouldn't the way Apple implements 2-step authentication be an issue too? Wouldn't iMessage. that is used for receiving the code, also be vulnerable? After all, they are part of the same eco system.
Just curious. I use it myself but it seems like an authenticator code would be more secure. I believe Apple has 2-step verification only, not 2-factor.
http://www.howtogeek.com/212219/here’s-how-an-attacker-can-bypass-your-two-factor-authentication/
Just curious. I use it myself but it seems like an authenticator code would be more secure. I believe Apple has 2-step verification only, not 2-factor.
http://www.howtogeek.com/212219/here’s-how-an-attacker-can-bypass-your-two-factor-authentication/
For the hacker to do anything such as lock your device, the hacker would need physical access to an approved device first before initiating a lock.
If it's not designed from the ground up, then it's a bigger chance of having problems. Anyone in "Tech 101" knows no platform is bulletproof and we've said it for years. Now look up how secure automobile systems aren't and cringe.
Businesses always tell governments to stay out of the free market. At least until it's time for corporate welfare and lobbyist-influenced riders.
Wasn't that great before him, noting the privacy lawsuits, malware, misadvertising (all the Apple fans guffawing over they could never have security issues and viruses... the latter is technically correct but most don't understand the full breadth of what "malware" is and Apple cashed in with those adverts.
As a human, all things considered, he's not the same "alpha" type that Job had and most people would not get away with the antics Jobs pulled. Despite knowing long in advance of certain phone issues, he still spat on customers when screaming at then "you're holding it wrong". Most businesses would not survive in putting out known defective trash and blaming customers for what was not their fault or cause. Jobs was a horrible CxO. Sorry. And technology news media reported the antenna problem and Jobs being informed of it. The same media reported his infamous anti-customer outburst, too.
That's Apple's choice. It's also less expensive to be reactive than proactive. How much money would you spend, since investors will not like seeing teeny tiny returns by comparison?
Also, isn't the word "authorization"? "Authoring"? "Authentication"? "Authomobile"?
Americans can't handle more than two syllables in words anymore... I miss the days when people could handle multisyllabic words..."I suppose" sounds lazy. Also remember, Apple built itself up by selling ease-of-use and big-time, ever since 1984. So the irony in all this is immense.
Apple as a company has been growing at a ludicrously fast rate for the past few years. The bigger you get, ths greater the number more of bad people out there want to take you down. Apple is still the most prolific company out of them all who proactively fixes security issues as fast as they can and make further improvements.
So, to fix your statement: Apple under Tim Cook has grown significantly and must now work harder to uphold the security standards they're known for. But at least they're still trying.
Your lack of Reading comprehension is lacking....
Then don't use 'real' answers. For example your birthplace (Chicago, Illinois) could be input as CH1c@g0&1llin01s
OK either you have to remember this or you could store it in something like 1-Password
oh really? how is Apple guilty of this? iOS and OS X are two of the most secure consumer operating systems on the market. so what on earth are you talking about? (please dont cite the Fappening, as that was a phishing attack on those celebrities/assistants foolish enough to fall for it)
The smart thing to do would not have your eggs in one basket. Someone using idevices, android and Windows depending on the platforms strengths is going to be less impacted than someone who has all thier devices and devices linked to one appleid. This is a disadvantage of the walled garden.
Actually this never used to be any issue even for apple, until apple forced appleid onto all of us, now it's integral to operation of the hardware/services.
what? using more than one signon for apple products and services would be insane and anti-user.
just use a unique, secure password for your AppleID. problem solved. it's so simple.
[doublepost=1468003228][/doublepost]
trollhardy nonsense.
I think the time has come that Apple and other tech companies make two step verification mandatory.
You missed the point .
For example. I purchase my iPhone , buy it outright, why must I be forced to own a Mac to activate it and have an Apple ID?
And the second point you missed, single sign on, gives hackers access to all your idevices......hence this story....remotely half way around the world.
The point is , I know why apple does it, what I'm saying is that it comes with cons....as Per this Story here.
Major sites will get hacked....very good chance people use the same email/password, there for a 3rd party hack will give hackers access to your Apple ID......
And if apple gets hacked, not knowing ..... Your unique and secure password is useless. Never assume your password is safe. That is simple. Plan for the worst case scenario.....cause companies do.....even apple, cause even when you make Changes in your account events and warnings are triggered....cause they anticipate hackers might get access.
You aren't. Just use a trusted phone number to receive the verification SMS text or phone call with the code.
Just a little overly maybe. Especially because you forgot another big problem being users that repeat the same password across multiple sites. Hacking one site now gives me access to your password that I can then use to gain access to your bank account. People really need to work on getting a password manager like Apples KeyChain. I have ID and passwords for a 100 or so sight and I frankly have no idea what my password is for just about anything. Thankfully keychain works well across all my devices. Not selling keychain as there are others out there. My point is that folks need to take this stuff more seriously.
It could be entered as kitqwer158xkwpogi.
But actually, that's only relevant if someone is specifically after _you_. These criminals wouldn't bother with anything that requires them answering security questions. They break into some website run by criminally incompetent people, steal account names and passwords, crack them, and then they try these names as AppleIds + passwords.
So what puts you at risk is having an AppleID with a password that is guessable, or using the same password at a website that is run by incompetents.
Well this convinced me it's time for me to set up two factor authentication finally.
So I go into my Apple account page and it immediately prompts me to change my password since it's been a while since I changed it. OK, so I change it. Then I go to set up two-factor authentication and it says "sorry, you have to wait three days after changing your password."
Gee, thanks. Grrr....
So I go into my Apple account page and it immediately prompts me to change my password since it's been a while since I changed it. OK, so I change it. Then I go to set up two-factor authentication and it says "sorry, you have to wait three days after changing your password."
Gee, thanks. Grrr....
Yes. But it wouldn't hurt to use a strong password and change it every once in a while.