Is two-step verification process a pain in the rear end because every time you try to log into your account, you’ll need to take out your phone and wait for the security code to be sent over? Well, it is, but it is also an essential thing activate, especially when there’s a gaping security hole that leaves your login details vulnerable.
Last Friday, not too long after Apple announced its two-step verification process, a security hole was discovered on Apple’s iForgot page, which allowed anyone to reset your password with just your email address and date of birth; yes, that means any of your Facebook friends who can see your date of birth and email address could’ve changed your password without your knowledge.
The bug was promptly squashed by Apple, the page went on a “maintenance” for a couple of hours before going back live and the security hole has been closed. Unfortunately though, the two-step verification process isn’t available for Malaysian users yet so all we can do is hope that no such error occurs again.