New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Flooded with iCloud Password Reset Requests Amid Tightened Account Security Controls

In a high-profile case last month, a hacker was able to gain access to Wired reporter Mat Honan's iCloud, Gmail, Twitter, and Amazon accounts, taking control of much of Honan's digital life and remote wiping his iPhone, iPad, and MacBook Air. Honan later detailed how the hack was accomplished through social engineering by entering the system through weaknesses in Amazon's account security and then using credit card information stored there to gain access to Honan's iCloud account.

Following the incident, Apple temporarily halted over-the-phone iCloud password resets, which had required only the user's billing address and the last four digits of the credit card on file with the account. Apple has since rolled out new authentication for password resets, including a requirement that users provide two correct responses to a small group of challenges that includes user-set security questions, more detailed credit card information, and device confirmations via either serial number or pushed Find My iPhone verification codes.

We've heard from several Apple support employees who have noted that their abilities to help customers have been severely restricted as part of the effort to tighten up security, with staff only able to send password resets to email addresses on file with the account. Employees are no longer permitted to send password resets to arbitrary email addresses and can no longer set temporary passwords on accounts to enter troubleshooting mode during support calls.


One employee we spoke with has detailed a tremendous influx in support calls with the release of iPhone 5, as customers looking to restore iCloud backups of their old phones onto their new phones are in some cases having difficulty remembering their passwords. Support calls are said to be up on the order of tenfold over the past week or so surrounding the iOS 6 and iPhone 5 launches.
I know what you are thinking. The rightful person that owns the Apple ID should have no problem doing enough of that to be able to verify their ID and be able to then reset their password or security questions or unlock their account. And you would be wrong in thinking that.
This employee has emphasized that if users can not confirm their identities within the new framework of authentication challenges, there is nothing Apple support staff can do to help them and they will be frozen out of their iCloud accounts. For this reason, the employee notes that users are strongly encouraged to know the exact answers to their security questions, make sure a proper credit card is associated with the account, and set up Find My iPhone/iPad/iPod, maximizing their chances of being able to regain access to their accounts should their passwords be lost.

Finally, this employee has cautioned users about both changing their password and resetting their security questions at the same time, particularly if they do not have a credit card on file with the account. In that instance, if the user is unable to get into their account with the reset password, the deleted security questions and the lack of a credit card will essentially make it impossible for Apple support to verify their identity and regain access to the account.

Top Rated Comments

(View all)

27 months ago
I have NO sympathy for people who lose their passwords, their security questions and their credit card id at the same time.
Sorry.
If you lose your passport, your birth certificate and your house keys at the same time, you are also in trouble - rightfully so. Identity theft is serious. :rolleyes:
Rating: 11 Votes
27 months ago
1password keeps me sane
Rating: 8 Votes
27 months ago
I would hate to be an Apple employee working the phones right now. I just can't imagine how many stupid people must be calling. I know Mac users have been shown to have higher IQs, but I'm sure it's the opposite with iPhone users.
Rating: 6 Votes
27 months ago
I think we've moved into an era where the traditional username and password combination for authentication is insufficient, both from a security and feasibility standpoint.
Rating: 6 Votes
27 months ago
Last pass has me sorted. I'm slowly learning many of the generated passwords by using them regularly too.

Such a shame to see people stuck like this but due to the constant media scrutiny towards Apple, they're damned if they do and damned if they don't.
Rating: 5 Votes
27 months ago
One more reason not to use iCloud.
Store Locally.
Rating: 4 Votes
27 months ago
A woman that I help with her Mac had to get her password reset. She called me and I wasn't able to help her. I directed her to Apple to get her password mess straightened out -- it took over 7 days to get everything done. :eek: Apple is going hyper-paranoid (with good reason) about password resets.
Rating: 4 Votes
27 months ago
Worked for Apple for four years in the retail environment, and I can tell you, 2/3 of the customers did NOT know their Apple ID Password. We would literally give them a pen and paper to write it down, because chances were, they'd forget it within ten minutes. Which happened more often than you would think.

This isn't meant to sound ageist, by any means. But it is what happened.
Rating: 4 Votes
27 months ago

I would hate to be an Apple employee working the phones right now. I just can't imagine how many stupid people must be calling. I know Mac users have been shown to have higher IQs, but I'm sure it's the opposite with iPhone users.


Wow, what a way to generalize. It only shows your own stupidity.

----------

Worked for Apple for four years in the retail environment, and I can tell you, 2/3 of the customers did NOT know their Apple ID Password. We would literally give them a pen and paper to write it down, because chances were, they'd forget it within ten minutes. Which happened more often than you would think.

This isn't meant to sound ageist, by any means. But it is what happened.


Dont worry. Was not near as bad as the post above yours.
Rating: 3 Votes
27 months ago

I would hate to be an Apple employee working the phones right now. I just can't imagine how many stupid people must be calling. I know Mac users have been shown to have higher IQs, but I'm sure it's the opposite with iPhone users.


Really? Show me the 'study' that shows Mac users have higher IQs, and I hope it doesn't include yours, cause you don't seem too bright yourself
Rating: 3 Votes

[ Read All Comments ]