Night mode is an automatic setting which takes advantage of the new wide-angle camera that's in the iPhone 11 and 11 Pro models. It's equipped with a larger sensor that is able to let in more light, allowing for brighter photos when the light is low.
macOS Catalina Now Available
Losing Two-Factor Recovery Key Could Permanently Lock Apple ID
In March 2013, Apple introduced two-factor authentication to provide additional security for Apple IDs. It expanded the feature to several new countries earlier this year and introduced it to the company's iCloud.com website this September. This was after CEO Tim Cook promised to broaden use of its two-factor authentication system in the wake of a hacking incident that saw several celebrities' iCloud accounts hacked.
The system requires a user to have a second "trusted" device that is used to verify a user's identity in addition to an extra security code called the "Recovery Key". However, in a new account from The Next Web's Owen Williams, that Recovery Key also has the potential to completely lock a person out of their account if they're being hacked.
Williams found that someone had tried to hack his iCloud account. Apple's two-factor system kicked in and locked the account, denying entry to the would-be hacker while also denying entry to Williams. When he went to iForgot, Apple's account recovery service, he assumed two of his password, Recovery Key or trusted device would unlock his account, as he was led to believe by an Apple Support document.
Williams concludes with a warning that anyone with two-factor authentication should take far greater care in protecting and remembering where they store their Recovery Keys, as losing it could permanently lock a user out of their Apple ID with Apple unable to do anything to help. The entire account, which is a fascinating and worthwhile read, can be read at The Next Web.
The system requires a user to have a second "trusted" device that is used to verify a user's identity in addition to an extra security code called the "Recovery Key". However, in a new account from The Next Web's Owen Williams, that Recovery Key also has the potential to completely lock a person out of their account if they're being hacked.
Williams found that someone had tried to hack his iCloud account. Apple's two-factor system kicked in and locked the account, denying entry to the would-be hacker while also denying entry to Williams. When he went to iForgot, Apple's account recovery service, he assumed two of his password, Recovery Key or trusted device would unlock his account, as he was led to believe by an Apple Support document.
When I headed to the account recovery service, dubbed iForgot, I discovered that there was no way back in without my recovery key. That’s when it hit me; I had no idea where my recovery key was or if I’d ever even put the piece of paper in a safe place. I’ve moved since I set up two-factor on iCloud.Williams contends he took a screenshot of the Recovery Key and printed that out as well as taking a photo on his iPhone to keep as a backup, but could not locate either and was on the verge of losing his "digital life". He called Apple customer support and was told that he had forfeited his Apple ID by losing his Recovery Key and that there was no way Apple could help him. He called back a second time.
When she got back on the line, the story was just as bleak. “We take your security very seriously at Apple” she told me “but at this time we cannot grant you access back into your Apple account. We recommend you create a new Apple ID.”After a couple more days of talking to Apple customer support and even friends who worked at Apple, he continued to receive same responses: he was locked out of his account due to someone trying to hack into it and couldn't unlock it without a Recovery Key even though Apple's support document says it's possible with a trusted device. Eventually, Williams located his Recovery Key in what he calls the "depths" of his Time Machine backup, allowing him to finally unlock his account.
Williams concludes with a warning that anyone with two-factor authentication should take far greater care in protecting and remembering where they store their Recovery Keys, as losing it could permanently lock a user out of their Apple ID with Apple unable to do anything to help. The entire account, which is a fascinating and worthwhile read, can be read at The Next Web.
[ 206 comments ]
Top Rated Comments
(View all)
63 months ago
I am also confused how this is news. Apple explicitly states that losing the key will make the recovery impossible. And anyway, do you want secure accounts or not? If yes, then you are personally responsible for your stuff. Putting this silly article on MacRumours is entirely pointless.
63 months ago
Almost all the posts in here are incorrect about the purpose of the Recovery Key.
The Recovery Key is required if you forget your Apple ID password or lose access to a trusted device.
According to this article, the person in question knew his password and had a trusted device. He shouldn't have needed the Recovery Key.
The only thing Apple says about an account being compromised is that you need to reset your Apple ID password. And it says nothing about needing a Recovery Key to do that.
The Recovery Key is required if you forget your Apple ID password or lose access to a trusted device.
According to this article, the person in question knew his password and had a trusted device. He shouldn't have needed the Recovery Key.
The only thing Apple says about an account being compromised is that you need to reset your Apple ID password. And it says nothing about needing a Recovery Key to do that.
63 months ago
Two-Factor Authentication is just that:
A user will need 2 out of the 3;
1. Password
2. Device
3. Recovery Key
The name of service describes it.
They could perhaps release the lock after 48 hours, or unlock the account if you supply password, trusted device, and some additional verification (like showing a photo ID at an Apple store or sending a verification code to an alternate email address).
63 months ago
This happened to me
This exact issue happened to me (lost my recovery key and account was locked out), and was fixed just today in fact (funny coincidence?).
So initially my two-factor enabled account was locked out by someone else trying to log into it too many times. Unlike simple accounts, two-factor accounts won't unlock after 8 hours, and actually have to have the passport reset. Where the issue arises is that Apple only ever says you have to have 2 or the 3 "keys" to regain access to your account:
1. Password
2. Trusted Device (or mobile number)
3. Recovery Key
However, if your account gets locked out, the iforgot website only gives you the option to enter the recovery key. There is a link under the box to enter it "Lost Recovery Key" which leads you to the two-part authentication support page. It lists that to reset your recovery key, you simply need to login to manage your apple ID and regenerate a new one. However this simply leads you back to a locked out account, which leads back to iforgot (a big loop).
I raised this issue with Apple Support back in July/August 2014 and over 15 calls and emails back and forth and 4 different senior support specialists they were still "looking into it". Finally I got tired of the lack of effort on their side to resolve my issue so I emailed them back (first week of December 2015), this time copying Tim Cook and Eddy Cue. It's surprising how much faster things moved after that. I received a phone call from a representative from the executive support team who hooked me up on a call with an Apple Engineer and another support specialist (they seem to have many levels of these).
Long story short, the Apple Engineer was able to "unlock" my account temporarily which allowed me to login to my Apple ID management account page and reset my account. I was able to use my existing password and a text message sent to my phone to resolve the two-step authentication part. The engineer was a bit of a dick about it and was blaming me for having lost the Recovery Key, but I don't see how thats my problem as they said I could use "any" 2 not my "Recovery Key" then "any" 2.
So there is hope if you think they can't do it. You might have to wait 3-4 months like me, but all is not lost :).
This exact issue happened to me (lost my recovery key and account was locked out), and was fixed just today in fact (funny coincidence?).
So initially my two-factor enabled account was locked out by someone else trying to log into it too many times. Unlike simple accounts, two-factor accounts won't unlock after 8 hours, and actually have to have the passport reset. Where the issue arises is that Apple only ever says you have to have 2 or the 3 "keys" to regain access to your account:
1. Password
2. Trusted Device (or mobile number)
3. Recovery Key
However, if your account gets locked out, the iforgot website only gives you the option to enter the recovery key. There is a link under the box to enter it "Lost Recovery Key" which leads you to the two-part authentication support page. It lists that to reset your recovery key, you simply need to login to manage your apple ID and regenerate a new one. However this simply leads you back to a locked out account, which leads back to iforgot (a big loop).
I raised this issue with Apple Support back in July/August 2014 and over 15 calls and emails back and forth and 4 different senior support specialists they were still "looking into it". Finally I got tired of the lack of effort on their side to resolve my issue so I emailed them back (first week of December 2015), this time copying Tim Cook and Eddy Cue. It's surprising how much faster things moved after that. I received a phone call from a representative from the executive support team who hooked me up on a call with an Apple Engineer and another support specialist (they seem to have many levels of these).
Long story short, the Apple Engineer was able to "unlock" my account temporarily which allowed me to login to my Apple ID management account page and reset my account. I was able to use my existing password and a text message sent to my phone to resolve the two-step authentication part. The engineer was a bit of a dick about it and was blaming me for having lost the Recovery Key, but I don't see how thats my problem as they said I could use "any" 2 not my "Recovery Key" then "any" 2.
So there is hope if you think they can't do it. You might have to wait 3-4 months like me, but all is not lost :).
63 months ago
It's been this way since day 1. Hello!
Since the password has been entered wrong multiple times hence "forgotten", "hacked", "locked", "disabled", call it whatever you want, the system requires you to have the other 2 options:
recovery key + trusted device
Since the password has been entered wrong multiple times hence "forgotten", "hacked", "locked", "disabled", call it whatever you want, the system requires you to have the other 2 options:
recovery key + trusted device
63 months ago
I wonder how many of the people here calling that guy stupid proceeded to check that their recovery key still exists.
[ Read All Comments ]
Apple today sent out emails for a new Apple Pay promotion, offering a $5 discount on groceries when you spend $35 or more through Instacart. To get the discount, you'll need to use Apple...
Luna Display today introduced a new Mac-to-Mac mode that allows any Mac released within the last decade to be used as a second display for another Mac. This includes any combination of Macs, ranging...
Apple has released a third trailer for the upcoming comedy series "Dickinson" ahead of its November 1 premiere on Apple TV+.
Dickinson is a half-hour comedy series starring...
Adobe remains committed to releasing Photoshop CC for the iPad by the end of 2019, and plans to provide an update on the app at its Adobe MAX creative conference in early November, according to...
Smart camera brand Arlo has launched a new internet connected Video Doorbell that's "designed to capture what traditional video doorbells can't."
Arlo says the Video Doorbell...
While not yet reflected on Apple's system status page, a number of Apple services are currently experiencing downtime or slow performance, including the App Store, Apple Music, iCloud, and the...
Apple today seeded the fourth beta of an upcoming watchOS 6.1 beta to developers, just under a week after seeding the third watchOS 6.1 beta and a month after releasing the watchOS 6 update with full...
Apple today seeded the third beta of an upcoming tvOS 13.2 update to developers for testing purposes, just under a week after seeding the second tvOS 13.2 beta and three weeks after releasing the...
