New iCloud password flaw

It was recently announced that a vulnerability has been found that allows people to change a users iCloud login credentials.

It seems as if a hacker can gain access to your account using a combination of birth date, email address and a "modified url"

At time of writing, Apple has taken down it's iForgot link that allows you to answer security questions to reset your password.

Apple also just announce a two step authentication process for accessing your account which we would strongly urge you set up. It currently takes 3 days from setting up to implementation  to protect your account.

Here's the link from Apple that describes the process: Two Factor Authentication

Posted on March 23, 2013 .