Two-step verification would have not stopped hackers from accessing celebrities' iCloud data: Apple at fault

Vamien McKalin, Tech Times 06 September 2014, 04:09 am

The stolen celebrity nude images that were copied from Apple's iCloud service and shared with the world are still hot in the lips and finger of everyone on the web. The big question is though, could two-step verification made a difference? Apparently not, and Apple is to be blamed for this.

Before going off on the deep end, bear in mind that Apple does support two-step verification, but its version in its current form isn't capable of protecting users on a level that is deemed acceptable. The company's two-step verification method only works for when users are purchasing content, or attempting to change certain preferences in their account.

Unfortunately, when users access their iCloud account to view pictures and other content, the service will not trigger two-step verification because it is not enabled in this respect. What does this mean? Well, hackers who have gotten their hands on the username and password of an iCloud account can just simply gain access to the victims account with relative ease.

If two-step verification was enabled in iCloud the correct way, and when a person attempts to sign into an account from a different device, the user should get an email notification alerting them that something is off. The user would be required to change his/her password immediately before things get out of hand.

We understand though that if another device were used to access a person's iCloud account, they would get a notification telling them that another computer has gained access to their account. However, this wouldn't do much since the culprit would have already swiped everything and ran off already.

Interestingly enough, many folks did not know that Apple offered two-step verification until recently. Companies like Google and Microsoft tend to make this a big deal by alerting users several times about two-step verification, we wonder if Apple had done the same.

"I hope recent events push Apple to expand what users can protect with two-factor authentication, such as access to iCloud from any new device," Rich Mogull, the CEO of Securosis, a security research firm, wrote in an email to HuffPost. "It is becoming an essential security option for cloud services, especially in the face of targeted attacks and the problems with passwords alone."

At the end of the day, folks should come to the realization that while cloud storage has its merits, it is not the safest place in the world. Use it to back-up images and documents that have no personal values, but leave the other stuff out of it.