A new security vulnerability affects Apple users that allows anyone who has your email address and date of birth (DOB) to reset your password.

While Apple was adding two-factor authentication, it saw a vulnerability that opens a huge security hole if you don’t upgrade.  In an apparent good deed gone sideways Apple opened up a security hole while trying to add two step verification or as industry experts call it two-factor authentication.   This new security vulnerability affects Apple users that allows anyone who has your email address and date of birth (DOB) to reset your password.

According to theVerge report Apple’s password reset tool is currently unavailable “due to maintenance,” a strong indicator that the company is working to patch up the security blunder. 

What is Two-Step Verification?

Two-factor authentication is also called strong authentication. It is defined as two out of the following three proofs:

• Something known, like a password,

• Something possessed, like your ATM card, or

• Something unique about your appearance or person, like a fingerprint.

When information is particularly sensitive or vulnerable, using a password alone may not be enough protection. A stronger means of authentication, something that’s harder to compromise is necessary.

While the upgrade by Apple.  If you care about the security of your Apple ID and are willing to put up with the modest inconvenience of receiving verification codes when you sign in to manage your Apple ID, you should consider turning this on.  If you have Google + you should add two-factor security to your Google account as well.

Google + two factor authentication link is here.