Read our new manifesto

Apple addresses 'Fappening' iCloud exploit with two-step passwords

Apple has filled the security loophole in its iCloud which may have been responsible for the ‘Fappening’ scandal where the images of over 100 prominent celebrities were stolen and leaked.

Apple's iCloud allows the storage of files

In order to make the service more secure, Apple has implemented a two-step password system for those signed into the iCloud through third-party apps.

Those using apps such as Outlook, Calendar and Mozilla Thunderbird will have to verify their accounts on their devices by entering a four digit code sent to their email address.

On the new security feature, Apple explained on its support blog: “Any time you change or reset your primary Apple ID password, all of your app-specific passwords will be revoked automatically to protect the security of your account.

“You'll need to generate new app-specific passwords for any third party apps you would like to continue using with iCloud."

The new security protocol was announced early in September and was supposed to be implemented 1 October but was delayed without reason by the firm. The site will now be able to store up to 25 app-specific passwords, closing the door on hackers seeking to exploit third-party access to the iCloud.

Last month Apple denied that its iCloud service was breached in a single attack, with each account individually targeted by thieves instead.

Join us, it's free.

Become a member to get access to:

  • Exclusive Content
  • Daily and specialised newsletters
  • Research and analysis