Apple’s iForgot password reset page is now back online, and iMore has verified that the security hole, discovered earlier today in Apple’s password reset page, has been closed.
Previously, after providing a victim’s Apple ID and date of birth, an attacker could send a URL to Apple that would change the password for that account, without needing to answer any security questions. In response, Apple blocked access to the password reset page, and a short while later took the entire site down in light of another loophole that still allowed the attack to be performed.
This vulnerability came at an interesting time, just a day after Apple began to roll out its two-step verification system. Users who had already enrolled in the new system seem to have been immune from the password reset vulnerability.
Unfortunately some users were held in a three-day waiting period for enabling two-step verification, while others live in countries where two-step verification is not currently available.
Today’s events serve as an important example of why two-step verification is a good idea. People interested in getting two-step verification set up can find out how with iMore’s tutorial.
Update: Details on how the exploit worked can be found here.
We may earn a commission for purchases using our links. Learn more.
ACNH: Today is the Fishing Tourney and here's how to catch the most fish!
C.J. is a beaver who shows up periodically in Animal Crossing: New Horizons. He'll randomly make visits to your island, but he'll also host various fishing competitions throughout the year where you can earn a ton of Bells and sweet Fish Swag.
Nintendo recap: Switch scarcity, Steam Deck size comparisons, and more
Nintendo warns that Switch supply will be scarce in 2022, new LEGO sets depicting some of our favorite video game characters released, and we get to see how the Switch compares size-wise to the Steam Deck.
Model says she was tracked by an AirTag that was left in her coat pocket
Sports Illustrated model Brooks Nader says that she was tracked by an unknown AirTag and wasn't aware until her iPhone warned her of the fact.
Upgrading your iMac's memory yourself is cheaper than going through Apple
Apple's options for additional RAM on the iMac are super expensive. Save a little (a lot) of money by getting third-party RAM and doing it yourself.