Yesterday, news broke out that someone hacked into the Apple ID/iCloud accounts of Australian users and locked them out of their iDevices. This is possible when someone gains access to your Apple ID, logs into iCloud.com with the credentials, and uses Find My iPhone to lock your device.
The hack was followed by a message – let's say, a ransom message – which asked the victim to pay up in order to unlock the device from the clutches of the hacker. Users reported seeing messages asking to pay up to $100 (AUD) or more to unlock their devices. All this raises questions about security, privacy and the negative sides of cloud computing.
If you have been affected by this, one of the ways out of the conundrum is calling up Apple support and resetting your password. But let's not stop there. Let's find out ways to improve the security of our Apple ID accounts and our iPhones and iPads.
First and foremost: Passcode lock.
One of the first things that came to light is that the whole episode could have not happened if users had put a passcode lock to their iDevices. When you have a passcode lock for your iPhone/iPad, a remote lock from iCloud.com is not possible unless the passcode is given.
The takeaway is that passcodes are not just on-device security features. They serve extra purposes occasionally, one of them being protecting you from unauthorized remote locks.
Change Apple ID Password, Frequently
This is one of the most common but rarely-followed advices. At a time when passwords are being hacked left, right and center, it would be optimal to change your passwords frequently. Agreeably, it's a pain in the back to do that but, like emails, passwords are here to stay for a long time and they are the only ways to secure your stuff online right now.
The piece of advice doesn't end there actually. Changing your password from ‘apple' to ‘orange' is not going to help. Pick strong passwords, don't use recognizable patterns between one password and another and make sure your password hint is not obvious.
Backup to iTunes Regularly
When iPhones and iPads were locked out remotely, one of the solutions was to plug the iDevice to iTunes on PC/Mac and do a complete restore. A restore almost always fixes a lot of things.
But to restore as new without losing data, you'll need fresh backups. Most of us configure our iPhones/iPads to backup to iCloud but when the security of iCloud/Apple ID itself is targeted, good old iTunes backup is what you can count on.
When you connect to iTunes to sync your iPhone/iPad, it also backs up automatically unless you have explicitly turned this feature off. Make sure you have recent backups.
Don't Use Same Passwords Everywhere
This goes without saying. Passwords are supposed to be secretive, strong and ideally unguessable and, therefore, unbreakable. But if you keep using the same password everywhere, that's going to cause a problem down the line. This is because if someone figures out the password for one of your accounts, he/she will be able to crack into your other accounts too (when you use the same/a similar password).