News

Apple Fixes Password Vulnerability, Resets Tool Back Online

By

Apple announced that the recently reported password vulnerability problem has been fixed and that the iForgot tool is back online.

Apple confirmed it had received reports of a password vulnerability problem Friday and said it has been working on a fix and until then it had suspended the iForgot tool. Apple users were recommended to set up the new two-step verification in order to secure their accounts. Now, the company has reported that the problem has been fixed and the password reset tool is up and working.

Apple introduced a two-step verification Thursday, to enhance the security of the users' data and sensitive information. But it noticed that accounts of users who did not enable the two-step verification were accessible by answering simple security questions.

But when some users tried enabling the option earlier Friday, they got an error message that asked users to wait for three days before they would be able to take up the two-step verification.

The Verge reported that the security flaw allowed anybody with an email address linked to the Apple ID and date of birth to reset passwords by pasting a modified URL on the iForgot page. Such an access to other accounts risks exposure of all information on the Apple ID and iCloud accounts to malicious users.

The exploit news comes just a day after Apple introduced its new two-step verification. Through the new security process, users receive verification codes on their mobile either via Find My iPhone app or text message. After that the security code must be entered before making changes to the Apple ID account.

Apple pulled down its iForgot password reset system, which was the source of the vulnerability until the problem was sorted. However, the reset tool remained accessible through different ways.

In a statement to The Verge the company said, "Apple takes customer privacy very seriously. We are aware of this issue, and working on a fix."

The Verge also confirmed that the vulnerability has been resolved and the modified URL remains non-functional.

With the problem being resolved and the reset tool back online,Apple users can heave a sigh of relief but users are recommended to enable the two-step verification so the accounts remain secure.

© 2025 HNGN, All rights reserved. Do not reproduce without permission.
Most Read
Jammacar Rodkesh Gayle

Man Steals Knife From Butcher To Stab Woman Who Criticized His 'Uncontrolled' Children

Colombia
Colombia Faces Worst Humanitarian Outlook Since Peace Deal, Report Warns
U.S. Citizen Wrongfully Detained by ICE for ‘Illegally Entering Florida’
ICE Refuses To Release US Citizen Detained Despite Showing Birth Certificate
Volz
Man Who Held Parents At Gunpoint And Claimed To Be 'Jesus' Killed In Police Shootout
Courthouse
Trump Admin Directs Judges To Fast-Track 'Legally Deficient' Asylum Applications
Editor's Pick
DOJ vs. Google: 5 Key Takeaways That Could Change Online
Tech

DOJ Vs. Google: 5 Key Takeaways That Could Change Online Search

"Where is everybody?": This question, about the lack of aliens in the vast universe, is called Fermi's paradox
Science

Where Are All The Aliens?: Fermi's Paradox Explained

Vehicles of automobile brands belonging to General Motors Company are seen at a car dealership in Queens, New York
Business

US Retail Sales Climb 1.4% In March, Fueled By Auto Buys

North America's digital infrastructure is at the forefront of global
Business

The ProLift Rigging Company: The Growing Role Of Data Centers In North America's Digital Infrastructure