I'm sure that it's not.
I've never gotten hacked online, but I was the target of a telephone scam some years back, by some shady company that had somehow made a few charges to one of my bank cards, without my authorization of course.
I was seriously pissed off, and I immediately cancelled that card, and then I contacted the State Attorney General, the FTC, and I even spoke to an agent at the FBI, since this was across state lines. To make a long story short, the situation was rectified pretty quickly.
Good for you! The nuclear option is sometimes the only option.
I know what you mean. I get the "Trust this computer?" pop-up regularly for no apparent reason when I hook my iPad up to my computer. Of course I trust my own Apple computer!
Except they do.
Counsel: "You mean to tell me that Apple's stoplist did not preclude my client
from choosing 'Princess1' as a password?"
Defense: "Your honor, ladies and gentleman of the jury. That is correct, but
'Princess1' is only #2 on the "ibrute" list, so that our (temporary-only) gaffe
with the "no counters" Find My iPhone URL login cannot be implicated."
While this may or may not be true, it doesn't excuse Apple from not having rate-limited iCloud login attempts:
This is why I assume (perhaps incorrectly) that a targeted phishing scam was at work here. No need for password generators and the like. The only thing needed would be a private e-mail address, which could have been exposed in any of the recent massive credit card hacks. In fact, a brute force attack on Twitter may have yielded those same private e-mail addresses.
I am waiting for the day when passwords are a distant memory. To be safe and secure you have to use long and difficult to remember ones. You also should never use the same ones on different sites and change often. I would much prefer a temp password sent by text that only last 15 minutes before it expires then only need to remember the email address or username.
Apple is no "worse" than any other service. In fact, they seem to be more secure and proactive.
What a horrible idea.
How about tying a login/password to an anonymous Bitcoin code? Then it would be uncrackable, distributed and unknown, even to the user.
No, they should not!
If somebody goes out and buys a $10,000 lock for their front door, yet they forget to lock it one day, and thieves walk up to it and enter the house, then whose fault is that?
Human stupidity will trump any security measure, no matter how costly. Apple is not responsible for the dumb and careless actions that people make.
So most likely the majority of those celebs were stupid, careless and ignorant.
They're probably the kind of stupid people that would use their birthdates in their passwords, or the name of their pets or some other, extremely easy to guess passwords. Especially if somebody is a famous celeb, finding personal information about them online isn't exactly difficult.
And they also probably chose very easy to guess security questions, that anybody who has access to a search engine could easily figure out.
There is a reason these people are famous and people want to see pics of them, and it isn't because of their brains...
/end sexist but true remark
This is what you get when you store personal things you would not want you mom seeing in the cloud and being stupid about it. Hacker are a lot smarter than your average thief. Image the work the when through to track down on the necessary information to get into each account whether on icloud or any other cloud based storage product out there.
What is what you get? nothing happened as the leaks weren't from icloud so whats your point?
That is not what this says. It says iCloud was not compromised as a service, but that some celebrity accounts were directly compromised. In other words, someone hacked their user account credentials / recovery information and not the iCloud service. Subtle difference but it does mean that some of that leaked content may be from peoples iCloud storage. This also doesn't say if any of the pictures and video in these leaks is actually from the accounts that were individually compromised. So it doesn't say much really other than people should use strong passwords, two factor authentication, and Apple should keep fixing bugs in their security as soon as they are found.
Just as I figured. I wonder if they’ll still up iCloud’s security anyway.
I’d love to not have an upper limit on my password size. I’d also love to not be forced into having numbers and uppercase letters. There’s absolutely no excuse for that. I’ve kept my original iCloud password since the beta because of this nonsense (no restrictions in the beta).
I’d also love to be able to write MY OWN QUESTIONS.
That doesn't totally solve the problem. Answering any security question honestly is ripe for trouble. Same with using the same answers across many sites. It's akin to using the same password across many sites. Sometimes its easier to gain access to someones info by going the security question route vs. guessing at the password.
Using a password manager like 1password to generate unique passwords across all accounts as well as using it to generate dummy unique answers to security questions is the answer. Two factor authentication is another method.
I am open to any idea that is safe, secure, and makes it easier for all of us to access sites, apps, email, etc..without having to use long and burdensome passwords. I think temp passwords by text would be the easiest but I don't know much about Bitcoin.