Apple ups iCloud security by using two-factor authentication and adding lots of alerts because of the iCloud Celebrity Hack, when dozens of celebrity nude photos were stolen.
The first security measurement is that Apple started to notify users when someone tries to restore iCloud data to a new device. Tim Cook said that there wasn’t any security breach, the hacker just answered correctly to all security questions and he gained access to the celebrity pictures. In other cases, the celebrities were victims of some phishing email attacks aimed to obtain users IDs and passwords.
basically, people should have better passwords
And this is true, but the good paswords are hard to remember especially if you have to introduce them on mobile devices. That’s the reason why Apple suggested to it’s users to use the two-factor authentication (2FA). Apple already use the two factor authentication for other services. It allready protects Apple ID, App Store and iTunes. When users turn the two step authentication on, they have to log in with two of the following things: a password, a short-time code or the long key they were given at the signup.
To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at http://support.apple.com/kb/ht4232.
Tim Cook also said that the upcoming IOS 8 operating system would stimulate people to use more the two-factor authentication. But he also said that the most important measures to prevent future intrusions might be more human than technological. That’s why Apple could have done more to make people aware of the dangers of hackers trying to target their accounts or the importance of creating stronger and safer passwords.
When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece..I think we have a responsibility to ratchet that up. That’s not really an engineering thing. – Tim Cook
Apple is recommending two-factor logins if there’s something on your phone you’d like to keep private. So if you’re an Apple customer, please enable the two step authentication as soon as possible.