How To Keep Your Apple iCloud Secure – Simple Tips and Tricks

How To Keep Your Apple iCloud Secure – Simple Tips and Tricks by Michael Grothaus.  Available from <http://www.knowyourmobile.com/apple/icloud/23678/how-keep-your-apple-icloud-secure-simple-tips-and-tricks> [ 12:06, 11 Aug 2017]


How to help Apple keep your data safe inside iCloud – tips, tricks and best practices for protecting your data

Earlier this week it came to light that a second man behind what has now become known as “the fappening” has pleaded guilty to a violation of the Computer Fraud and Abuse Act. That violation led to dozens of photos and videos from female celebrities being leaked online. As MacRumors reports:

“Between November 2013 and September 2014, Majerczyk and Collins engaged in a phishing scheme to obtain the iCloud and Gmail usernames and passwords of over 300 victims, including female celebrities, according to court documents. The perpetrators sent their victims emails that appeared to be from Apple and Google, asking them to provide their usernames and passwords.”

At first it was believed that the people behind the leaks had hacked into Apple’s iCloud email system to obtain the media, but after an investigation by Apple and law enforcement authorities it was discovered that the perpetrators carried out the breach by phishing and other techniques to get around the weak passwords some of the celebrities had set. Since then Apple has beefed up iCloud security nonetheless. Even so, if you’re interested in keeping your iCloud account really secure, you can help Apple protect you better by taking these steps:

Change your password frequently
There are some software services that force you to change your password frequently. iCloud is not one of them. However, it’s good practice to change your iCloud password from time to time. A two month interval isn’t too annoying and it can really help protect you in case of old password leaks.

To change your password you simply need to log into Apple’s Apple ID management web portal here: https://appleid.apple.com. Once there, log in with your iCloud username and password and then under the Security header, click Change Password.

Turn on two-factor verification
Apple has beefed up its Apple ID/iCloud password protection with two-factor verification. This helps Apple thwart brute force attacks (where a person trying to repeatedly guess your password or have it reset) by requiring that not only your password be entered when you try to sign into iCloud on a new device, but that you’ll also need to enter a PING code Apple will only text to your phone number on file. This way if someone is trying to log into your iCloud account on their device, even if they have your password, they won’t be able to get the two-factor verification PIN code since it can only be sent to your phone number on file.

To enable two-factor verification you simply need to log into Apple’s Apple ID management web portal here: https://appleid.apple.com. Once there, log in with your iCloud username and password and then under the Security header, click Get Started under TWO-STEP VERIFICATION.

Check out which devices you are signed into iCloud on
If you think your iCloud account may have already been compromised you can quickly check which devices are logged into your account. Simply go to www.iCloud.com and log in with your username and password. Click on the Settings icon. Under the My Devices header you’ll see all Macs, PCs, Apple Watches, Apple TVs, iPhones, iPads, and iPods that are signed into your iCloud account. If any are devices you don’t recognize (or maybe a device which you have sold or given away) click on the device so the Device window opens and then click on the blue X to automatically logout of iCloud on that device.

Remove credit and debit cards from Wallet
iCloud is also used to sync your debit and credit cards on file across devices so you can use them with Apple Pay or in Safari. However, let’s say you no longer have access to a device that is still logged into your iCloud account. You don’t want the new user to be able to buy stuff with your cards. Luckily, Apple lets you remove credit and debit cards from Wallet (the app that stores your card info) right from iCloud.com.

To do this go to iCloud.com and log in with your username and password. Click on the Settings icon. Under the My Devices header you’ll see all Macs, PCs, Apple Watches, Apple TVs, iPhones, iPads, and iPods that are signed into your iCloud account. Any device with an Apple Py logo next to it means that device also has your credit or debit card info on it. To remove your cards from that device click on the device so the Device window opens and then click on the device in the window. Under the Apple Pay section it will list all the cards registered to that device. click the Remove All button to remove them from that device.

Sign out of all browsers
Of course reading through this tutorial it’s now obvious that you can access all your iCloud data through any web browser. Sometimes you might be accessing iCloud on the web on a computer that is not yours (such as a work computer, a friend’s computer, or one in an internet cafe). If you forget to logout of iCloud on that device’s web browser no need to worry—you can logout of all browsers you are signed into your iCloud account on remotely.

To do this go to iCloud.com and log in with your username and password. Click on the Settings icon. At the very bottom of the screen you’ll see a button that says Sign Out Of All Browsers. Click it and you’ll be signed out of all browsers on any device anywhere in the world where you are signed into your iCloud account.


How To Keep Your Apple iCloud Secure – Simple Tips and Tricks by Michael Grothaus.  Available from <http://www.knowyourmobile.com/apple/icloud/23678/how-keep-your-apple-icloud-secure-simple-tips-and-tricks> [ 12:06, 11 Aug 2017]