Apple is going to encourage users to use two-factor authentication
With the introduction of iOS 8, Apple will actively encourage users to enable two-factor authentication, a more secure login method, on iCloud. From then on, the login method also works when logging in to iCloud from iOS 8.
The majority of iCloud users do not have two factor authentication enabled; hence the company is going to encourage users to do so after all. That happens after nude photos of several celebrities suddenly appeared on the internet last week. They were obtained in part by accessing the celebrities’ iCloud accounts through security questions. Apple CEO Tim Cook thinks the company could have done more to make people aware of the threat of hackers, he told The Wall Street Journal.
As of iOS 8, two factor authentication also works for iCloud accounts on iOS. With two factor authentication, users not only have to enter a password, but also identify themselves in a different way. This can be done, for example, by entering a code generated by an associated smartphone app.
In addition, Apple will send emails to users within two weeks when someone downloads a backup from their iCloud account. Apple was criticized for allowing attackers to download backups without their victims noticing.
In the interview with The Wall Street Journal, Cook does not address the criticism that Apple still relies on security questions for accessing an account when someone has forgotten their password. Answers to those questions are trivial to find, especially for celebrities. Apple is one of the few companies that still relies on the method.
Also read our backstory: what nude photos teach us about passwords