December 14, 2024
Major Security Flaw Lets Anyone Reset Your Apple ID With Just Your Date of Birth

Major Security Flaw Lets Anyone Reset Your Apple ID With Just Your Date of Birth

Posted March 22, 2013 at 7:24pm by iClarified
A major security flaw has been found with Apple's user ID system that lets anyone reset your password with just your email and date of birth, reports The Verge.

Unfortunately, today a new exploit has been discovered that affects all customers who haven't yet enabled the new feature. It allows anyone with your email address and date of birth to reset your password — using Apple's own tools. We've been made aware of a step-by-step tutorial (which remains available as of this writing) that explains in detail how to take advantage of the vulnerability. The exploit involves pasting in a modified URL while answering the DOB security question on Apple's iForgot page. It's a process just about anyone could manage, and The Verge has confirmed the glaring security hole firsthand.

Of course, we're not linking to the instructions on how to do this; however, we would suggest that you enable the two-step verification system that Apple introduced yesterday.


Unfortunately, not everyone can implement two-step verification due to their locations or delays on Apple's side. The only other way to avoid the exploit would be to set a fake birth date for the time being.

Read More


Major Security Flaw Lets Anyone Reset Your Apple ID With Just Your Date of Birth
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (4)
You must login or register to add a comment...
HO
HO - March 23, 2013 at 2:01am
...well, ur holding it wrong!!!
Corwin
Corwin - March 22, 2013 at 10:00pm
I like it!! Which mean some more flaws with iOS 6.1.4
John
John - March 22, 2013 at 9:49pm
Hmmm starting to think apple themselves is behind this so everybody can run and enable two step verification...
Dyllon
Dyllon - March 22, 2013 at 8:01pm
There you go Apple screwed up again, first off Steve Jobs would've fixed it so they wouldn't need two-step verification because he would hate that it's not simple. Now there's this and last three firmware's they've been trying to fix a lock screen bypass and this newest version they just released there's already a new one... Smh
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download HomePod Firmware Files From
Where to Download macOS Sequoia
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS