Security-minded individuals looking to simplify their two-factor authentication logins may want to take a look at LastPass’s new app today, LastPass Authenticator. The iOS App Store currently has a few different apps that can already handle two-factor authentication logins, like Google Authenticator and 1Password. Most of them come with the minor annoyance that once the app is launched, a user has to find the site’s login, and then type the OTP into the site before it expires. LastPass Authenticator looks to improve that experience by allowing users to quickly approve the new login requests directly from their devices.
Google Authenticator Stories March 16, 2016
Google Authenticator Stories September 3, 2014
There are still many unknowns surrounding the leaked celebrity nudes. While Apple appears to have ruled out a theory that a Find My iPhone vulnerability allowed easy brute-force password attacks, some commentators are suggesting that the wording was sufficiently vague that this may indeed have been one route in. (Apple might be arguing that it’s not a breach if the correct password was required.)
But one thing does now appear clear: rather than a single hacker gaining wide access to iCloud, the photos were instead amassed over time by a number of different individuals likely using several different approaches. Phishing was doubtless one of them – some of the claimed emails from Apple are reasonably convincing to a non-techy person – but another was almost certainly to exploit one of the greatest weaknesses found in just about every online service, including iCloud: security questions.
[Update: Tim Cook has confirmed these were the two methods used] …