TweakTown
Tech content trusted by users in North America and around the world
5,686 Reviews & Articles | 36,202 News Posts
Weekly Giveaway: Fractal Design Arc Cases Contest (Global Entry!)

Apple bug allows Apple ID password reset with just e-mail and date of birth

Bug found that allows Apple ID password to be reset simply by knowing email and date of birth

| Hacking & Security News | Posted: Mar 22, 2013 7:08 pm

If you haven't enabled two-factor authentication quite yet, you might want to get on it. Yes, right now. A new vulnerability has been found that will allow a malicious user to reset a user's password by knowing just their e-mail address and date of birth. It's not clear if this bug resulted from Apple's new two-step authentication or if it has always been there.

 

TweakTown image news/2/9/29281_1_apple_makes_a_big_oops_when_enabling_two_step_authentication_allows_password_reset_with_just_e_mail_and_date_of_birth.png

 

A guide to doing the hack has been posted online, though we will not be linking to it for some very obvious security reasons. A malicious user has to simply paste in a modified URL and answer the date of birth security question to reset the password. The exploit makes use of Apple's iForgot tool.

NEWS SOURCE
Theverge.com

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

Latest Downloads

View More Latest Downloads

TweakTown Web Poll

Question: Did EA kill the Battlefield franchise with the terrible BF4 issues?

Yes, Battlefield is doomed

No, Battlefield will live on strong

I'm not sure, but I know EA needs to improve its game

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Get TweakTown updates via Facebook!
Just click the "Like" button below