MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
account
Search

How Apple’s iCloud authentication system fails to protect your account when using a browser

Friday April 12, 2019. 01:00 PM , from Mac 911
Update 4/15/19: Apple says the problem isn't with iCloud's two-factor system, but rather with the way browser is treated. A representative explained that browsers are treated as separate trusted devices, thus sending the code to all other devices, including the one you're using.With an iCloud account and an Apple device, two-factor authentication is quite different than it is on any other device or account. As is the Apple way, 2FA on your iPhone or Mac is baked into the device you own, setting up a system that is theoretically as secure as a security key. Except when it’s not.Here’s how it works. When you’re trying to log into your iCloud or Apple Music account account on your iPhone, you’ll first be prompted to enter your password. Once that is recognized, you will then be asked to input a code that has been sent to one of your trusted devices, say an iPad. You’ll get a message on your iPad informing you that someone is trying to log into your account and asking whether you want to allow it. Then you’ll receive a six-digit code that you’ll enter into the boxes on your iPhone.To read this article in full, please click here
https://www.macworld.com/article/3387518/apple-icloud-2fa-flaws.html#tk.rss_all
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Mar, Fri 29 - 00:55 CET