Hours after Wired reported that Apple put a 24-hour freeze on over-the-phone password resets for Apple accounts, an Apple spokesperson confirmed in a statement to The Next Web that a temporary suspension is now in place. Apple also asked that users reset their password on Apple’s password recovery webpage. Here is Apple spokesperson Natalie Kerris full statement:
We’ve temporarily suspended the ability to reset AppleID passwords over the phone. We’re asking customers who need to reset their password to continue to use our online iForgot system (iforgot.apple.com).
Bloomberg further reported this morning that Cupertino-based Apple would work to put new a procedure in-place that will have proper safety measures. Until then, customers will not be able to reset their password from the phone, as confirmed by Apple above.
All of this security talk is taking place after Wired journalist Mat Honan’s account was hacked by a hacker who reset his password after simply calling Apple’s support line. The hack was devastating to Honan, whose Mac, iPhone, and iPad were remotely wiped, along with his Gmail and everything else. Apple released a statement on the matter earlier this week:
“Apple takes customer privacy seriously and requires multiple forms of verification before resetting an Apple ID password. In this particular case, the customer’s data was compromised by a person who had acquired personal information about the customer. In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers’ data is protected.”
The matter has gone viral, with several security experts warning users to beef up their passwords. Google’s Matt Cutts even took to his blog yesterday afternoon and encouraged users to turn on two-factor authorization for their Google accounts. Scary stuff, huh? [TNW, Bloomberg]
Image via Flickr