[Fed-Talk] Apple's 2FA
[Fed-Talk] Apple's 2FA
- Subject: [Fed-Talk] Apple's 2FA
- From: Todd Heberlein <email@hidden>
- Date: Thu, 04 Sep 2014 17:13:38 -0700
Nice, very important, and timely article by Christina Warren.
I have not made use of iCloud to store documents (currently a big push by Apple), and until Apple requires 2nd Factor Authentication for all accesses, I don’t think I will. I admit, I was disappointed reading this article having just gone through the 2FA activation process.
How I Hacked My Own iCloud Account, for Just $200
As we've mentioned before, Apple's two-factor implementation does not protect your data, it only protects your payment information.
This appears to be backed up from Apple’s own article (second bullet):
Frequently asked questions about two-step verification for Apple ID
It requires you to verify your identity using one of your devices before you can take any of these actions: • Sign in to My Apple ID to manage your account
• Make an iTunes, App Store, or iBooks Store purchase from a new device
• Get Apple ID related support from Apple
So it seems that right now, the primary protection is still a strong password (and one that isn’t slurped by several of the techniques Christina mentions in her article).
I realize that implementing a strong 2FA capability that is also largely transparent / easy to use by the vast majority of Apple’s customers will be challenging, but I hope Apple puts some effort behind doing this.
Todd
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden