With a simple trick, thieves can completely take over iCloud, after which you will no longer be able to access your files forever. Fortunately, you can prevent this with one preparation: This is how you protect yourself.
Thieves hijack iCloud
Perhaps one of your biggest nightmares: losing access to all your iCloud files. With photos, messages, passwords, documents, and more, there is a lot of important data on your iCloud account. And while Apple has introduced several security measures to prevent you from being locked out of your account, thieves have found a new way to bypass them to a great extent. This way they can just hijack your iCloud.
A thief only needs two things: your iPhone or iPad, and your access code. The latter can be copied, for example, when entering the code in a public place, or guessed if you have a simple code like “1234” or “2580”.
This is how the thief works
Once the thief has your iPhone and your code, he will only need to follow a few simple steps. In Settings > iCloud, change the password to change your iCloud just by entering your access code. Then it creates a (new) recovery key in the same list.
This recovery key makes it impossible for you to access your account. Once you try to log into your account via another device or iCloud.com, and your old password no longer works, you must enter this recovery key. And since the code is only for the thief, you can’t enter anymore.
Apple call? This is useless
Now you might think: then I’ll call anyway Apple support still access? However, according to The Wall Street Journal, which discovered this stunt, it doesn’t make much sense. The recovery key policy is strict: if you don’t have it, you won’t be able to access your iCloud account.
For privacy reasons, Apple cannot confirm that you are the owner of an iCloud account. Not even a copy of your ID or passport will be accepted — in part because you don’t have to provide that when you create your account, so Apple can’t confirm that this is really yours.
This is how you protect yourself
Fortunately, you can prevent all this misery with one stop. This closes your iCloud account settings with a separate code. This way, the thief can’t access it, even if he has your access token. So the iCloud password can’t be changed either, and a recovery key can’t be generated.
You can set this via Settings > Screen Time. If this feature is not already activated, you need to do that first. Enter a different code than your access code. If Screen Time is already on, you can change the code via “Change Screen Time Passcode”.
Then go to Restrictions, turn on the switch at the top, and scroll down to Account Changes. Click this, then click Don’t Allow. Now no one can access your iCloud settings (the option will be greyed out), unless you disable Restrictions again using your separate icon for this.
More Apple news
News
Why you should download the 112 app now
News
08:071 minute
News
PDF Editing: Take your files to the next level with this app
News
yesterday1 minute
iCloud Hijack: Workaround
Apple told the Wall Street Journal that the company is constantly improving its security. This probably also means that Apple will soon come up with a permanent solution to this problem, where you don’t have to dig into the settings yourself.
However, this is for the future: for now it’s important to follow the above steps and protect your iCloud. And do you want to know immediately when Apple comes up with a better solution, for example in a software update? Then subscribe to our newsletter:
Unfortunately, your registration was not successful. Please try again later.
source: The Wall Street Journal
“Professional web ninja. Certified gamer. Avid zombie geek. Hipster-friendly baconaholic.”