Dashlane password manager can now automatically change your password on 50 top US websites

dashlane

Password managers are a great way to have strong, unique passwords for each website you access – but vital as it is these days, there’s no denying that it’s a chore to change them. Dashlane, a Mac and Windows password manager app, aims to take away the pain by doing it for you automatically across 50 top US websites like Apple, Amazon, Dropbox, Facebook, PayPal, WordPress and Twitter.

Importantly, the app can even cope with sites that employ two-factor authentication to login or change a password, prompting you for the code when required …  Read more

iOS 8 How-to: Set up and use Family Sharing

Screenshot 2014-09-17 09.17.00

Before Family Sharing, there was Home Sharing, which allowed you to share apps and media with your family by having an Apple ID that contained the purchases to be used on up to five computers and an unlimited number of iOS devices. For your family to make purchases with that Apple ID, they either know the password to that Apple ID (which also means they can access your passwords, credit card information, documents), or they have to go to the account holder every time they want to purchase an app or music.

Now with iOS 8 there is Family Sharing and it does not require sharing an Apple ID. Instead your family of five (six including yourself) each have their own Apple ID with the same credit card and can download apps and iTunes. Your family does have to have their Apple ID based in the same country. Also, parents can approve their kids’ purchases right from their device. Besides managing the App Store and iTunes purchases, Family Sharing can help you track where your children are using Find My Friends and can help find their lost devices using Find my iPhone.

Family Sharing also allows you to easily create a shared family calendar and shared family reminder list that anyone in the family can view and edit. It also creates a shared family photo album. In this how to, I will discuss how to set up Family Sharing and how to use it.

Read more

Apple ID two-step verification feature rolls out to dozens of new countries

Apple this week has greatly expanded the availability of its Apple ID two-step verification, bringing the feature from 11 countries to 59 countries. Two-step verification for Apple IDs uses either iOS’s Find my iPhone application or SMS to provide login verification in addition to a password. The feature first rolled out for both Apple ID and iCloud IDs in early 2013 and it expanded to a few more countries later that year. Here are all the countries that support two-step verification (both the original countries and the new ones):

Read more

Apple denies iCloud breach was responsible for device lockout attack, advises users to change passwords

icloud

Last night we reported that several Mac and iOS users were finding their devices remotely locked by hackers who had gained access to the users’ Find My iPhone accounts and demanded a ransom to return the devices to a working state.

Today Apple issued a statement on the problem, noting that—as suspected—the iCloud service itself was not actually breached, but individual user accounts may have been compromised through password reuse or social engineering:

Read more

Australian Mac and iOS users find devices remotely locked, held for ransom (and how to keep yours safe)

1401164873077

The Sydney Morning Herald reports that several Australian Mac, iPhone, and iPad users are finding that their devices have been locked remotely through Apple’s Find My iPhone service by someone using the name “Oleg Pliss.” The hacker (or hackers) then demand payments of around $50 to $100 to an anonymous PayPal account in order to restore the devices to their owners.

An active thread on Apple’s support forum was started yesterday as users started to discover that they had been targeted by the attack. According to that discussion, users are finding all of their devices locked at once rather than a single device per user. Based on that report and the fact that Find My iPhone is being used to hold the devices hostage, it seems likely that the perpetrator has gained access to these users’ iCloud accounts—possibly through password reuse by those users—rather than some device-specific malware or hack.

Read more

Apple opens iAd Workbench platform to non-developers, adds video clip support

As noted in a report today from Ad Age (via MacRumors), Apple is now allowing non-developers to access and use the iAd Workbench platform.

At the onset of its mobile-ad business, Apple extended olive branches to a select group of brands, promising premier reach. But advertisers pushed back against its pricey offerings. Now, it appears Apple has concluded money in mobile ads comes from a wide net; in short, it’ll look more like Google.

Previously, iAd Workbench users had to at least be enrolled in Apple’s $99/year registered developers program, but now opening an iAd Workbench account will only require an Apple ID which is free to create with any Apple service or device. Ad Age reports that customers using iAd Workbench can choose between payment based on cost-per-click or cost-per-thousand impressions, although rates are currently not clear. Read more

Report: EA Games server compromised, hackers stealing Apple ID, credit card & Origin account info

Update: EA said in a statement that it’s investigating the reports (via TheVerge):

“Privacy and security are of the utmost importance to us, and we are currently investigating this report… We’ve taken immediate steps to disable any attempts to misuse EA domains…”

According to a report from internet security and research company Netcraft, hackers have compromised an EA Games server and are currently using it to host a phishing site that steals Apple IDs and more from unsuspecting users. The company published its report today and says it contacted EA yesterday to report the discovery, but as of publishing the compromised server and the phishing site stealing Apple IDs were still online.

Netcraft claims the phishing site being hosted on EA’s servers not only asks for an Apple ID and password but also the user’s “full name, card number, expiration date, verification code, date of birth, phone number, mother’s maiden name, plus other details that would be useful to a fraudster.” Netcraft also reports that EA Games is being targeted in other phishing attacks that are attempting to steal user data from its Origin game distribution service: Read more

Apple’s two-step verification for Apple IDs arrives in Canada, France, Germany, Japan, Italy, & Spain

Apple-Two-Step-Verifiication

Back in May of last year, a long list of readers in countries around the world reported having access to Apple’s two-step verification security feature for their Apple ID. Shortly after the news broke, the feature disappeared in many countries signaling it had been launched prematurely. The only officially supported countries listed on Apple’s website included the “U.S., UK, Australia, Ireland, and New Zealand.” However, today the feature has appeared in several new countries including Canada, France, Germany, Japan, Italy, & Spain. Apple has also updated its support pages for two-step verification here and here to list the new countries. 

Read more

Video reveals how the Touch ID hack was performed – ‘trivial’ attack that took 30 hours

The German hacker who successfully defeated Touch ID using a fingerprint lifted from the back of an iPhone has posted a video showing exactly how it was done.

While the hacker – who goes by the nickname Starbug – described the attack as “very straightforward and trivial,” he revealed in an email interview with arsTechnica that it required 30 hours of work using a scanner, high-res laserprinter and a printed circuit board etching kit.

It took me nearly 30 hours from unpacking the iPhone to a [bypass] that worked reliably. With better preparation it would have taken approximately half an hour. I spent significantly more time trying to find out information on the technical specification of the sensor than I actually spent bypassing it.

I was very disappointed, as I hoped to hack on it for a week or two. There was no challenge at all; the attack was very straightforward and trivial.

Should 5s owners worry that, now that the technique is known, it could be replicated in 30 mins? The answer is ‘it depends, but probably not’ …  Read more

How-to: Deal with the infamous Apple ID

Screen Shot 2013-07-23 at 5.59.04 AM

This is the third how-to in our new weekly series: 

One of the most common issues I hear about is forgotten Apple IDs. But this is not as simple as it sounds. Figuring out Apple ID details can involve finding out what the Apple ID username is, which Apple ID they should be using (if they have multiple), resetting security questions and answers, and resetting passwords.

Most people, if they have an iPhone, iPod Touch or iPad, are using their Apple ID on their mobile device. From there, if you go into the Settings App, you will be able to see your Apple ID.

Always double-check to see if you have two different Apple IDs: one for iCloud and one for iTunes and App Stores.  Under Settings, press iCloud. Make note of the email address listed in the account. To go back to the main Settings page, press the Settings arrow in the upper left hand corner. Then scroll down until you see iTunes and App Stores and press it. You now have three different possible scenarios: Read more

How-to: Change the email address associated with your Apple ID

This is the second article in our new Saturday how-to series (see last week’s post about safely deleting an iCloud account)

It is highly recommended that you tie an active, valid email address to your Apple ID. The Apple ID is your login for Apple services such as iTunes, App Store, iMessage, and FaceTime.

By actually using an active email address for your Apple ID, you will receive important emails from Apple. Additionally, iTunes will email you whenever you purchase paid content from iTunes, including iBooks and Apps.

Apple will also email you if the password for your Apple ID was changed, someone tried using Find My Device, or your Apple ID was used on a brand new device.

It is important to track this information in order to stop an issue if someone has hacked your account. Keeping tabs on iTunes purchase alerts could also ensure that someone is not using your account to get their content at your cost…

Read more

How-to: Safely delete an iCloud account from your Mac or iOS device

Screen Shot 2013-07-12 at 11.50.50 AM

This is the first entry in our new, weekly how-to’s column. Check back every Saturday for a new how-to:

First off, before we begin and actually discuss how to safely delete an iCloud account, we should discuss the different scenarios as to why you might need to delete your iCloud account off of your devices.

  1. If you are using the same Apple ID as a family member for iCloud, several different outcomes could result from this.  Odds are that your content got merged, and all of your personal information is mixed together. You are both getting frustrated that your contacts are disappearing because you each delete and re-add them and iCloud pushes the changes to both of you. You also might be getting each other’s iMessages and FaceTime calls. Or one of you is using and enjoying the features and benefits of iCloud whereas the other isn’t and is missing out on features like Backup to iCloud and Find my Device.
  2. The email address associated with the Apple ID you are using for iCloud is no longer a valid, active email address. In that case, you’ll need to change the email address associated with your Apple ID, which I will be discussing in next week’s article.

On an iOS Device, go into the Settings app and scroll down until you see iCloud. To delete the iCloud account from the device, just press the big red “Delete Account” button. To do this on a Mac, go into System Preferences and choose iCloud, the press the “Sign Out” button…

Read more