Some users are randomly getting locked out of their Apple ID accounts

AppleInsider

Overnight, a notable portion of iCloud users were getting logged out of their accounts across all of their devices, and the only way back in was to perform a password reset.

Web-based iCloud login page

The log-outs weren't -- or aren't, it's not clear yet -- happening on one particular class of device. And, if you were impacted, it's across nearly all of your devices including HomePods, Apple TV hardware, iPhone, iPad, and Mac.

One AppleInsider staffer said that whatever the cause of the issue, it impacted app-specific passwords as well.

Seems at least some of us are experiencing issues with our iCloud/Apple ID accounts where we have to reset our passwords and re-login.

Anyone else?

— Dave Hamilton (@DaveHamilton)

April 27, 2024

As of April 27 at 6:43 AM, there is still no indication of an issue on the iCloud status page. It's hard to tell if the issue has settled, as the US east coast is just waking now and associated keywords on social media have been hijacked by spammers.

It doesn't appear to be an organized hack or attack. nor a mass-attempt at credential stuffing. Users aren't reporting two-factor authentication triggers or similar warnings.

We've reached out to Apple, requesting comment.



Read on AppleInsider

stuke

Yep, it hit me.  What a pain in the a$$ it was to "break into" the reset when you have many devices (Macs, iPhones, iPads, etc.) on your Apple ID.  Took about 15 minutes to run around, collect everything and get a password reset in place.  It will takes days before everything else that is linked to the Apple ID gets my attention for "updating your Apple ID" settings.  Personally, I believe it was a forced security update by Apple to make us update our Apple ID passwords.  (Yes, mine has been the same for quite some time.)  It would be better, if my theory holds, that Apple provide a procedure for doing this all at once for all your devices!

garfolino

Glad to read this here. Happened to me out of the blue yesterday. I gladly reset it and was wondering if anybody was trying to take my account over. But it’s all fine. 

Not a pain at all for me. Less than 5 minutes I was done. 

sorryusername

It just happened me too.
On my oldest mac.com account from 2000/2001.

boboq

Happened to me, around 7:30 or 8p CDT last night. (Good thing my wife was out because she'd have gone crazy while I was running around resetting everything on all the devices.) Thought I had it all covered but my Home App was funky this a.m. so I had to go to my Apple TV and re-enter the password there to get HomeKit to recognize my devices on my iPad. (My iPhone Home App was okay for some reason.) I checked the Apple Status page when it happened to see if there were any issues with iCloud but it reported everything was okay. Very mysterious. 

hb356

Got me last night. Was more shock than anything. I had read about malware or virus circulation, phishing for icloud passwords and I was concerned. But I was watching my Apple TV and on my Macbook, got the message on both at the same time. Did the reset on the macbook, then the rest of my apple devices. 

PistolPete

Happened to me as well.  Once I generated the new password and created an app specific password for BusyCal, all devices were automatically updated and worked as expected - no issues (just a pain).  I agree that ths may be an Apple forced password reset - its definitely not a hack.

tophatnosocks

Didn't happen to me, yet at least? I do use a 19 character generated passphrase with 3 of each capital, numbers, & special characters.  That, as good as it is, can be really problematic if this would have happened, or yet still does.  I have 2auth on as well, was there any indication if this happened to those that had 2auth on? Was it only those that had 2auth off, and some password like "myAppleID789" since 2002?  LOL   

Peppy

I got hit around 5:30 MST. I thought it was a phishing attack like one I hod read about a few days ago. I'm actually glad it's an Apple issue. Very stressful. My password was very strong and I had 2 factor enabled. 

reflows

This was creepy and did feel like an attack. The pop-ups were relentless, no matter how often I tried to get back to my crossword puzzle. I tried to call Apple but couldn't log in to the support page because my AppleID was locked. The worst part of it was having to give up a well crafted secure and unforgettable password!

macxpress

I was fine...

bgoggin

It erased all my pre-existing app-specific passwords. It's annoying.

Xed

I wonder if this related to whatever migration they're doing with Apple Accounts.

chasm

It would be interesting to see if this forced reset came mostly to people who have had the same Apple ID password for many years, or if there's been a publsihed leak of some Apple ID passwords due to phishing scams. My Apple ID et al are all working normally, but I did just coincidentally change my Apple ID password about a week or so ago after realising how long it had been since I last changed it.

If you are having to change your Apple ID password, or just want to, I strongly recommend that you also make a written note of it somewhere that you have easy access to (but isn't obvious to visitors/others). The Apple ID password is one of those that should be strong enough that it isn't memorable, BUT it's also one that you want to be able to quickly retrieve if you need it, and remember -- if you keep guessing wrong, they'll lock you out fairly quickly (like a bank will).

mfuse

Yep been bugging me for a day or so. Finally got around to it. Had to wait an hour a then quit all the apps iTunes & Email & iCloud that were logged in and needing to have the new password generated. Ugh. Pain. But done. 

reflows

I really hope to see some follow-up on this. I'm not used to feeling my security is vulnerable on Apple products.

gatorguy

stuke said:

Yep, it hit me. Personally, I believe it was a forced security update by Apple to make us update our Apple ID passwords.  (Yes, mine has been the same for quite some time.)  It would be better, if my theory holds, that Apple provide a procedure for doing this all at once for all your devices!

I haven't changed mine since 2020, and so far I'm still good, no "forced update". 

davidmalcolm

If this was an active choice thing, I suspect somebody at Apple decided to lock people out of their iCloud password had appeared in a data breach connected with their email or phone number. That’d be my guess. 

That said I suspect they did it because they’d noticed some sort of vector that was being used by an organized crime group or something like that. IE all the passwords that were stored in one of those big password storing apps that got hacked were all being exploited and causing accounts to be turned into bot accounts used for either iMessage spam or for money laundering or something.

of course Apple won’t give anyone public facing the rationale because that would tip off the crime group doing the exploit.

I wish Apple would let people get their password reset by registered mail where it has to be hand delivered to the address that was already on the account and the user has to pay for it using a credit card with their name on it.   

chasm

davidmalcolm said:

I wish Apple would let people get their password reset by registered mail where it has to be hand delivered to the address that was already on the account and the user has to pay for it using a credit card with their name on it.   

I get where you're coming from, from a security standpoint, but you're effectively saying "I wish Apple would let it take me upwards of a week to change my Apple ID password."  

Xed

chasm said:

davidmalcolm said:

I wish Apple would let people get their password reset by registered mail where it has to be hand delivered to the address that was already on the account and the user has to pay for it using a credit card with their name on it.   

I get where you're coming from, from a security standpoint, but you're effectively saying "I wish Apple would let it take me upwards of a week to change my Apple ID password."  

And the number of people that could then intercept what would be a known letter from Apple with a new password for an account that controls so much would be a PR nightmare. There's are many reasons why this isn't done.

dchender

tophatnosocks said:

Didn't happen to me, yet at least? I do use a 19 character generated passphrase with 3 of each capital, numbers, & special characters.  That, as good as it is, can be really problematic if this would have happened, or yet still does.  I have 2auth on as well, was there any indication if this happened to those that had 2auth on? Was it only those that had 2auth off, and some password like "myAppleID789" since 2002?  LOL   

I got hit with it, over a 20-random-character password already in place with 2FA, and had changed the password only a few months ago.  Worst yet is that while I was at home, for some reason my iPhone activated Stolen Device for 1 hour, so that just added to the issues.