Think Information. Think Security.
 
Picture
Apple‘s iCloud service brings a whole raft of services — email, calendar, contacts, ‘Find My iPhone” and cloud storage — and stores them behind a single username and password. This is very convenient, but if that username and password falls into the wrong hands, you can find yourself very quickly in a world of pain. This is what happened to Mat Honan, former journalist for Gizmodo and former contributing editor to WIRED magazine. Before the hackers gained access to his Twitter account and that of Gizmodo, the hackers first gained access to his iCloud account, where they caused irrevocable havoc.

To do all the damage all the hackers needed to do was to get their hands on a single username and password. Honan believes that this was done by a process called brute forcing, that is, trying passwords until you get lucky. It’s a long process, but if the password is simple or short enough, it’s doable. Short passwords are almost as bad as no password at all, in fact, they’re worse because they lull you into a false sense of security.

Another problem with iCloud is that you only need a username and password to access the account, while Google accounts can be protected by a 2-step verification. Here, along with your username and password, you can set your Google account  to ask you for a six-digit code that Google will send via text message to your phone. While this is no doubt more hassle than just using just the username and password, it dramatically improves account security.

Cross-posted from: Forbes



Leave a Reply.