Thieves Can Take Over Your iCloud (And You’ll Lose Everything)

Thieves Can Take Over Your iCloud (And You’ll Lose Everything)

With a simple trick, thieves can completely take over iCloud, after which you will no longer be able to access your files forever. Fortunately, you can prevent this with one preparation: This is how you protect yourself.

Thieves hijack iCloud

Perhaps one of your biggest nightmares: losing access to all your iCloud files. With photos, messages, passwords, documents, and more, there is a lot of important data on your iCloud account. And while Apple has introduced several security measures to prevent you from being locked out of your account, thieves have found a new way to bypass them to a great extent. This way they can just hijack your iCloud.

iPhone 14 Pro now up to € 10 discount per month!

A thief only needs two things: your iPhone or iPad, and your access code. The latter can be copied, for example, when entering the code in a public place, or guessed if you have a simple code like “1234” or “2580”.

This is how the thief works

Once the thief has your iPhone and your code, he will only need to follow a few simple steps. In Settings > iCloud, change the password to change your iCloud just by entering your access code. Then it creates a (new) recovery key in the same list.

iPhone recovery key

This recovery key makes it impossible for you to access your account. Once you try to log into your account via another device or iCloud.com, and your old password no longer works, you must enter this recovery key. And since the code is only for the thief, you can’t enter anymore.

Apple call? This is useless

Now you might think: then I’ll call anyway Apple support still access? However, according to The Wall Street Journal, which discovered this stunt, it doesn’t make much sense. The recovery key policy is strict: if you don’t have it, you won’t be able to access your iCloud account.

See also  These are the four new features

For privacy reasons, Apple cannot confirm that you are the owner of an iCloud account. Not even a copy of your ID or passport will be accepted — in part because you don’t have to provide that when you create your account, so Apple can’t confirm that this is really yours.

This is how you protect yourself

Fortunately, you can prevent all this misery with one stop. This closes your iCloud account settings with a separate code. This way, the thief can’t access it, even if he has your access token. So the iCloud password can’t be changed either, and a recovery key can’t be generated.

iCloud protection

You can set this via Settings > Screen Time. If this feature is not already activated, you need to do that first. Enter a different code than your access code. If Screen Time is already on, you can change the code via “Change Screen Time Passcode”.

Then go to Restrictions, turn on the switch at the top, and scroll down to Account Changes. Click this, then click Don’t Allow. Now no one can access your iCloud settings (the option will be greyed out), unless you disable Restrictions again using your separate icon for this.

More Apple news

News

Apple Watch gets job discovery in the Netherlands: This is how it works

News
By afferent edemaseconds ago1 minute

News

Why you should download the 112 app now

News
Written by Laura Grotarts08:071 minute

iCloud Hijack: Workaround

Apple told the Wall Street Journal that the company is constantly improving its security. This probably also means that Apple will soon come up with a permanent solution to this problem, where you don’t have to dig into the settings yourself.

See also  Google brings end-to-end encryption for messages at scale - tablets and phones - news

However, this is for the future: for now it’s important to follow the above steps and protect your iCloud. And do you want to know immediately when Apple comes up with a better solution, for example in a software update? Then subscribe to our newsletter:

Unfortunately, your registration was not successful. Please try again later.

source: The Wall Street Journal

Leave a Reply

Your email address will not be published. Required fields are marked *