Technology content trusted in North America and globally since 1999
7,704 Reviews & Articles | 57,137 News Posts
TRENDING NOW: Galaxy S9: 6GB RAM, headphone jack is a selling point

Apple bug allows Apple ID password reset with just e-mail and date of birth

Bug found that allows Apple ID password to be reset simply by knowing email and date of birth
By: Trace Hagan | Hacking & Security News | Posted: Mar 22, 2013 7:08 pm

If you haven't enabled two-factor authentication quite yet, you might want to get on it. Yes, right now. A new vulnerability has been found that will allow a malicious user to reset a user's password by knowing just their e-mail address and date of birth. It's not clear if this bug resulted from Apple's new two-step authentication or if it has always been there.

 

apple_makes_a_big_oops_when_enabling_two_step_authentication_allows_password_reset_with_just_e_mail_and_date_of_birth_1

 

A guide to doing the hack has been posted online, though we will not be linking to it for some very obvious security reasons. A malicious user has to simply paste in a modified URL and answer the date of birth security question to reset the password. The exploit makes use of Apple's iForgot tool.

NEWS SOURCES:Theverge.com

Recommended for You

Yahoo now admits 3 billion accounts were breached
Yahoo now admits 3 billion accounts were breached
Biggest data breach in India affects 120 million users
Biggest data breach in India affects 120 million users...
Huge security flaw: Keylogger found on HP laptops
Huge security flaw: Keylogger found on HP laptops
Qualcomm announces vulnerability bounty program
Qualcomm announces vulnerability bounty program

Related Tags

Got an opinion on this news? Post a comment below!
Subscribe to our Newsletter

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
© 1999-2017 Tweak Town Pty Ltd. All Rights Reserved.
loading