Reported security hole allows Apple password reset

A new exploit has been discovered that allows anyone with both your email address and date of birth to reset your Apple password by pasting a modified URL on Apple’s iForgot page, according to a report.

Further details about the issue were not provided for security reasons, but the hole was confirmed.

Yesterday, Apple added an optional two-step verfication service; users of that service would not be susceptible to the security hole.

Share