Apple CEO Tim Cook promised in an interview with The Wall Street Journal that iCloud security will be increased soon, to prevent future leaks similar to the celebrities’ nudes scandal that preceded the iPhone 6 event. And, while the company failed to address iCloud security during its September 9th keynote, Apple has already rolled out two iCloud features including two-factor authentication, email notifications and app-specific passwords for iCloud assets.
Two-factor authentication is now enabled for iCloud.com, with Apple now requesting a verification code from users, before they can access any of the available cloud-based apps.
Furthermore, users are now alerted via email when their Apple ID is used to sign into iCloud via a web browser.
Finally, Apple is also requesting that users assign special passwords to apps that connect to the iCloud, to further improve account security. By going to My Apple ID, users can create app-specific passwords for up to 25 applications. The catch is that they have to first enable two-factor authentication on their iTunes accounts before proceeding.
“If you use iCloud with any third party apps, such as Microsoft Outlook, Mozilla Thunderbird, or BusyCal, you can generate app-specific passwords that allow you to sign in securely, even if the app you’re using doesn’t support two-step verification,” Apple wrote on a new support page. “Using an app-specific password also ensures that your primary Apple ID password isn’t collected or stored by any third party apps you might use. Starting on October 1, 2014, app-specific passwords will be required to sign in to iCloud using any third party apps.”
More details about Apple’s new security measures are available at the source links below.