Marco Arment on the iCloud hacking thing

Marco Arment on the iCloud hacking thing

Marco Arment:

And ideally, before resetting a password by phone, they’d send a forced “Find My”-style push alert to all registered devices on the account saying something like, “Apple Customer Service has received a request to reset your iCloud password. Please call 1-800-WHATEVER within 24 hours if this is unauthorized.”

Probably one of the simplest but most effective ways of doing this.

Saying that, I’d go a step further, and make registered devices the way to reset passwords: rather than saying “Call this number if you didn’t do this”, make it a passcode system.

“You’re trying to reset your password. Give the Service Rep this code: ABC123 to continue”. Maybe even have a mechanism so that if you’re not requesting, it could alert Apple that someone is trying to reset your password without your permission.

About Lewis Dorigo

Hi. I’m Lewis. I like making nice things on the web, which I’m currently doing as a Senior Front-End Developer with Social Security Scotland.

Feel free to connect with me on LinkedIn, or follow me on Instagram.

Lewis Dorigo’s Avatar

Here’s some more articles you might like:

  1. On Star Trek

    Since Star Trek: The Next Generation came onto Netflix in the UK I have — like many, I must imagine…

    Published On
    Read Time
    4 minutes
    Read More

  2. Peter Bright on the Surface Pro

    The review is long, but is very much worth the read. His conclusions? The Good The screen is pretty…

    Published On
    Read Time
    19 seconds
    Read More

  3. “An Alternate Universe”

    “An Alternate Universe” On the way to the Apple Store today to buy AppleCare+ for my wife’s new iPhone…

    Published On
    Read Time
    16 seconds
    Read More