Apple Suspends Over-the-Phone Password Resets to Examine Mobile Security
In early August, Wired reporter Mat Honan revealed that he had been the victim of a mobile security breach, which raised concerns about cell phone privacy for consumers and service providers alike. Honan explained that his Google, Twitter and AppleID accounts were hacked into, compromising his personal information. He took much of the blame for this incident, explaining that he had linked his different accounts together, which was likely how the hackers were able to access his information across so many venues.
While Honan did claim his personal security strategy was not ideal, the hacking incident still raised concerns for Apple. The company has already taken steps to put their privacy and security methods under close scrutiny. According to CNET, Apple recently suspended users' ability to reset their Apple ID passwords directly on their phones. This action will not be permanent, but will likely remain in place until Apple can resolve the issue and determine if it is necessary to make this function more secure.
"We've temporarily suspended the ability to reset Apple ID passwords over the phone," Apple spokeswoman Natalie Kerris explained in an email, according to Wired. "We're asking customers who need to reset their password to continue to use our online iForgot system (iforgot.apple.com). This system can reset a password in one of two ways - either have a password reset sent to an alternate email address already on record or challenge the customer to answer security questions they had previously set up. When we resume over-the-phone password resets, customers will be required to provide even stronger identity verification to reset their password."
Mobile privacy is a major concern, as a growing number of consumers are using their cell phones to conduct monetary transactions and access personal information. Most cell phones and smartphones have options to help users protect their information, such as screen lock controls that require a password to gain access to the device. This can help prevent hackers from accessing the phone should it be stolen or lost.
It is also wise to remove any personal information from a device, such as bank account numbers, passwords, addresses and other data that could be used inappropriately by criminals. Even keeping a cell phone linked to an email account may not be a good idea, as this could give a thief or a hacker access to other information.