Latest in Icloud

Image credit:

The only way to make your iCloud security questions actually secure

John-Michael Bond, @BondJohnBond
September 3, 2014
Share
Tweet
Share

Sponsored Links

The recent leak of nude photographs from some of America's biggest female celebrities has drawn attention to the security of Apple's iCloud. If there's one takeaway from this incident, other than people who share the private photos of other are scum, it's that sometimes it's the simplest things that betray our security. In this case, it was security questions.

According to Apple these leaks weren't caused through complicated computer hacking; instead, they were brought about through conventional (security question/username) password reset methods. All someone needs is your Apple ID (often an easily guessed common email) and some personal information. When you tell iCloud that you forgot your password it offers the option to use security questions to get the information. Once you enter your Apple ID it will ask for your birthday. Depending on your privacy settings on Facebook, anyone could have that.

That's all someone needs to gain access to your security questions. Obviously Apple should probably fix how easy this process is, but in the meantime there is a surefire way to keep your security question answers secure -- lie, lie, lie.

Lie in the answers to your security questions to make them unguessable. Here are some examples.

  • What was your first job? WillieNelsonDrugDealer4242
  • What was the first concert you went to? 777BuTTsAreFunny
  • What was the name of your first pet? 5GrandMasOldSocks5

Trust us. Lie in your security code questions. We understand why these questions exist, to aid people with crummy memory who often forget their passwords. For those of you who cannot keep track of your password, consider writing down the answer to security code question on a piece of paper and storing it in your home. Sure, someone might find it, but they'll just assume it's your normal password. No one assumes you've written down your security questions. You can also use password-secured apps like 1Password to store those made-up answers to your security questions instead of writing them down.

Until Apple finally introduces two-step verification for iCloud accounts this is the best way to be secure. It is also the silliest security measure we will ever recommend. We're in good company with this opinion, as shown by this xkcd comic.

What's your security code answer? Let us know in the comments if you missed the point of this article.

In this article: icloud, leak, security
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Engadget's 2020 Back-to-School Guide

Engadget's 2020 Back-to-School Guide

View
Alleged Twitter hacker was previously caught stealing a fortune in Bitcoin

Alleged Twitter hacker was previously caught stealing a fortune in Bitcoin

View
A $13,000 electric car will go on sale in the US by late 2020

A $13,000 electric car will go on sale in the US by late 2020

View
Tesla is reportedly close to making a more affordable Model Y

Tesla is reportedly close to making a more affordable Model Y

View
Pixel 4a review: The best $350 phone

Pixel 4a review: The best $350 phone

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr