Tim Cook: Apple to Add Security Alerts for iCloud Users, Broaden Two-Factor Authentication

icloud_icon_blueApple will add security alerts for iCloud users, broaden two-factor authentication and make a more aggressive effort to alert users about protecting their accounts, Apple CEO Tim Cook told the Wall Street Journal in his first interview since the recent hacking incident involving celebrities' iCloud accounts.

To make such leaks less likely, Mr. Cook said Apple will alert users via email and push notifications when someone tries to change an account password, restore iCloud data to a new device, or when a device logs into an account for the first time. Until now, users got an email when someone tried to change a password or log in for the first time from an unknown Apple device; there were no notifications for or restoring iCloud data.

Cook said the new notifications will begin in two weeks and will allow users to take action on potential hacking immediately, allowing them to either change the password to retake the account or alerting Apple's security team. Cook echoed Apple's previous press release on the hackings, stressing that the best prevention for future incidents are more human than technological.

"When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," he said. "I think we have a responsibility to ratchet that up. That's not really an engineering thing."

Apple will also broaden use of its two-factor authentication system, allowing it to also cover access to iCloud accounts from mobile devices like iPad and iPhone. Cook said the majority of Apple's users don't use two-factor authentication, so the company is planning on aggressively getting its users to turn on the feature. Cook also mentioned that had the celebrities been using two-factor verification, the hackers would not have been able to guess their security questions.

Apple has previously explored expanding two-factor authentication to some iCloud services, but an official expansion of the feature had not yet been introduced.

Top Rated Comments

Swazaloo Avatar
121 months ago
They should have thought this ahead before the damage is already done.
This type of poor management of sensitive data reminds me of Microsoft, ie; Damage control policy, let the bad things happen then look for ways to prevent them from happening again.

Yea and they should have thought about smoking being bad before millions of people died from it. What more do you want? They already have 2-step verification. The more alerts the better.
Score: 36 Votes (Like | Disagree)
CEmajr Avatar
121 months ago
Sounds like a typical case of users using weak passwords (which most users tend to do) and hackers using common words to guess them. Amazing that with all the attempted hacking and identity theft and such going around that people still refuse to use complex passwords and security features. Especially celebrities.
Score: 29 Votes (Like | Disagree)
trevorbsmith Avatar
121 months ago
Glad that Tim Cook himself is speaking up and Apple is actually showing responsibility by making changes to security. Old Apple under Steve Jobs would stonewall for as long as possible, hoping that the story would go away.

Tim Cook is a fantastic CEO this way. He has done a great job at saying "hey, we screwed up" when they have (and even if they haven't), and saying "hey, we agree, things could be better and we're going to make sure they are."
Score: 21 Votes (Like | Disagree)
0xyMoron Avatar
121 months ago
They should have thought this ahead before the damage is already done.
This type of poor management of sensitive data reminds me of Microsoft, ie; Damage control policy, let the bad things happen then look for ways to prevent them from happening again.
Score: 17 Votes (Like | Disagree)
trevorbsmith Avatar
121 months ago
So when the so called hacker is already restoring all the data to a phone or a forensic program all we get is an e-mail telling us "hey all your dumb selfies are being downloaded by an unknown person"?

Not if you enable 2-factor authentication. Then they will not be able to change your password, so they won't be able to get at your iCloud data.

Also, as the article said, Apple is also going to expand 2-factor authentication so, presumably, even if you know someone's password, you STILL won't be able to restore/slurp their iCloud backups without also having access to one of their trusted devices.

Most importantly, he points out that most of their customers CHOOSE not to use 2-factor authentication. (Which is THE CUSTOMER'S FAULT, not Apple's.) And they are going to start harassing customers to smarten up and use it.

There is nothing more Apple can do than that.
Score: 16 Votes (Like | Disagree)
wlossw Avatar
121 months ago
They need to halt the restore until you authorize the action either with trusted device or secure backup key... Notification after the fact, is of questionable value...
Score: 14 Votes (Like | Disagree)

Popular Stories

iOS 16 4 Web Push

Apple Confirms Governments Using Push Notifications to Surveil Users

Wednesday December 6, 2023 5:06 am PST by
Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google's and Apple's servers, a US senator warned on Wednesday (via Reuters). In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications...
best buy snowflakes

Best Buy's New Weekend Sale Has Record Low Prices on MacBook Pro and MacBook Air

Friday December 8, 2023 7:37 am PST by
Best Buy's month-long holiday sale continues this weekend with multiple all-time low prices on Apple's line of MacBook Pro and MacBook Air computers. In addition to Apple notebooks, Best Buy's event has discounts sitewide on home appliances, TVs, video games, and more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive...
iOS 17

iOS 17.2 Will Add These 12 New Features to Your iPhone

Friday December 1, 2023 12:19 pm PST by
iOS 17.2 has been in beta testing for over a month, and it should be released to all users in a few more weeks. The software update includes many new features and changes for iPhones, including the dozen that we have highlighted below. iOS 17.2 is expected to be released to the public in mid-December. To learn about even more features coming in the update, check out our full list. Journal ...
beeper mini

Apple Puts a Stop to Beeper Mini's iMessage for Android Feature

Friday December 8, 2023 2:24 pm PST by
Apple appears to have closed the loophole that Beeper Mini used to bring iMessage to Android, putting a stop to blue bubbles from Android devices. Beeper Mini quit working earlier today, with users receiving "failed to lookup on server: lookup request timed out" error messages. Beeper said on Twitter that it is investigating the issue, but Beeper CEO Eric Migicovsky told TechCrunch that "all ...
maxresdefault

Review: Two Months With the iPhone 15 Pro Max

Thursday December 7, 2023 12:04 pm PST by
Apple's iPhone 15 lineup came out in September, and while most reviews are done shortly after a new device launches, we like to follow up with a longer term review that gives us an opportunity to provide a deeper dive into what it's like using these phones on a day to day basis for months. Subscribe to the MacRumors YouTube channel for more videos. MacRumors videographer Dan Barbera has been...
apple watch black friday

Apple Watch Ultra 2 Hits New Record Low Price of $699, Alongside Series 9 and SE Sales

Friday December 8, 2023 8:55 am PST by
Amazon has a few big discounts on Apple Watch today, headlined by a new all-time low price on the Apple Watch Ultra 2. Many of these watches can be delivered by Christmas, with delivery dates around the middle of next week for most models. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site ...
iphone se 4 modified flag edges

iPhone SE 4 May Reuse Existing iPhone 14 Battery

Wednesday December 6, 2023 1:17 pm PST by
Recently, MacRumors has received details on the battery currently being tested on the upcoming fourth-generation iPhone SE, and the information corroborates previous findings in relation to the device. The iPhone SE 4, known by its device identifier D59, is expected to use the exact same battery found in the base model iPhone 14. Partially assembled prototypes of the next iPhone SE have been ...
iOS 17

35 Things Your iPhone Can Do in iOS 17.2 Coming This Week

Wednesday December 6, 2023 5:57 am PST by
Apple made the first beta of iOS 17.2 available to developers in October. Since then we've seen three more betas, and with each iteration Apple continues to add more new features and changes, many of which users have been anticipating for quite a while. Below, we've listed 35 new things that are coming to your iPhone when the finalized version is publicly released in mid-December. 1....