Apple toughens iCloud security after celebrity breach

Apple has expanded its use of “two-step verification” checks to protect data stored online by its customers.

It follows suggestions third-party software had been used to steal intimate photos of celebrities – posted online last month – from iCloud.

The action should stop the tool from being able to infiltrate Apple’s internet storage service if the safety measure is implemented.

However, the security facility remains an opt-in choice.

One expert suggested that Apple should instead make it the default option.

The process works by introducing an extra step after an account holder has typed their username and password into a device they have not used before.

They are also required to enter a four-digit code that is either texted to a trusted mobile phone number or sent via Apple’s Find My iPhone app.

If the person does not enter the code, they are refused access to iCloud and are blocked from making an iTunes, iBooks, or App Store purchase.

They can, however, use a 14-character recovery key to regain access to the account in the event their trusted device is lost or stolen. They are told to keep this in a safe place to avoid being locked out.

http://www.bbc.co.uk/news/technology-29237469