Apple will toughen security measures for iCloud password recovery, the company has confirmed, after shortcomings in telephone support were cited as key to a high-profile hack of one journalist’s digital life. The Cupertino firm had already frozen over-the-phone password resets earlier today, but has since told the LA Times that when the service is restored it will be following a new and more stringent security policy.
“We’ve temporarily suspended the ability to reset AppleID passwords over the phone,” Apple spokesperson Natalie Kerris said in a statement. “When we resume over-the-phone password resets, customers will be required to provide even stronger identity verification to reset their password.”
Concerns about Apple’s policies arose when journalist Mat Honan saw his digital life deleted in front of his eyes, after hackers used nuggets of personal data culled from different cloud services to convince iCloud customer care to grant them access. A temporary iCloud password was handed out after the hackers provided the final four digits of Honan’s credit card, a detail which Amazon customer services had freely given them access to.
Exactly what Apple’s policies will be when the service is restored is unclear, though Amazon has already apparently changed its system so as to reduce the likelihood of a repeat attack. Nonetheless, good data and account practices are still advised; there are suggestions as to how to stay safe amid the cloud here.