Advertisement
 
YOU ARE HERE: LAT HomeCollectionsHack

Apple to make phone identity verification stronger after Wired hack

August 08, 2012|By Salvador Rodriguez
  • Apple said AppleID password resets will require stronger identity verification following a massive hack on a Wired journalist.
Apple said AppleID password resets will require stronger identity verification… (Apple )

Despite initially blaming an individual employee for helping set off a massive hack on a Wired journalist, Apple has now taken some of the responsibility and will improve its AppleID phone identity verification.

Holes in the Cupertino company's phone verification process as well as others at Amazon led to hackers accessing pretty much every part of reporter Mat Honan's digital life and ruining large portions of it.

Amazon addressed the issue and on Tuesday confirmed it took steps to end the exploits on its behalf that led to the hack. Apple, on the other hand, only said its part of the failure was because an individual customer service representative did not follow the company's policies -- although that is up for debate

But Apple on Tuesday said it was reviewing its processes, and the tech giant concluded it could stand to improve its practices.

"We've temporarily suspended the ability to reset AppleID passwords over the phone," Natalie Kerris, an Apple spokeswoman, told the Los Angeles Times. "When we resume over-the-phone password resets, customers will be required to provide even stronger identity verification to reset their password."

Kerris also said any users who need to change their password during the phone reset freeze can do so by going to iforgot.apple.com, where they can reset their AppleID's password after getting a reset sent to another email address or answering security questions.

Of course, alternative email addresses and security questions aren't bulletproof to hacks either, but at least Apple is doing something to improve customer security.

If you want to improve your security further, Wired suggests getting creative with your answers for security questions, such as by adding extra characters to your answer or swapping the answers for your questions.

PCWorld also suggests making your account recovery email addresses not obvious. Having first.last@emailservice.com is excellent for your actual email address, but not for your recovery account -- for that feel free to use the stargirl7@yahoo.com account you were using in fifth grade to throw off any hackers.

ALSO:

Lightweight Kitty Cams reveal the secret life of house cats

Olympic Google doodles get interactive, plus our top 5 faves

Amazon fixes security flaw that led to hack of Wired journalist

Follow Salvador Rodriguez on Facebook, Twitter or Google+

Advertisement
Los Angeles Times Articles
|
|
|