Apple’s iForgot password reset page is now back online, and iMore has verified that the security hole, discovered earlier today in Apple’s password reset page, has been closed.
Previously, after providing a victim’s Apple ID and date of birth, an attacker could send a URL to Apple that would change the password for that account, without needing to answer any security questions. In response, Apple blocked access to the password reset page, and a short while later took the entire site down in light of another loophole that still allowed the attack to be performed.
This vulnerability came at an interesting time, just a day after Apple began to roll out its two-step verification system. Users who had already enrolled in the new system seem to have been immune from the password reset vulnerability.
Unfortunately some users were held in a three-day waiting period for enabling two-step verification, while others live in countries where two-step verification is not currently available.
Today’s events serve as an important example of why two-step verification is a good idea. People interested in getting two-step verification set up can find out how with iMore’s tutorial.
Update: Details on how the exploit worked can be found here.
We may earn a commission for purchases using our links. Learn more.

Review: The Anchor Series iPhone Case from UAG is slim but protective
Urban Armor Gear (UAG) is known for tough and rugged cases that offer serious drop protection. But the Anchor Series is part of the newer U by UAG collection, and it's protective while being slim and sleek.

New iPhone 13 3D renders show a new notch layout but a familiar design
We're getting closer to an iPhone 13 announcement and now we have some 3D renders to check out while we wait.

Agenda 13 improves performance, adds new keyboard navigation, and more
Note taking app Agenda has a big new update out with an onus on speed and keyboards.

These Canon cameras will make you a better photographer
There's a lot of photography gear on the market. Canon has been in the game forever and knows exactly what they're doing. Whether you're looking for a point and shoot, a DSLR, or a pro mirrorless model, we have a few thoughts and recommendations.