Apple CEO Tim Cook yesterday (Sept. 5) denied that Apple's security, or lack thereof, had played a part in the theft of personal photos from more than a hundred female celebrities — even as he promised to improve Apple's security.
In an interview with the Wall Street Journal, Cook detailed some new security notifications that Apple plans to implement in two weeks' time. He also said Apple will attempt to improve customer awareness about online security.
According to Cook, thieves stole many of the celebrities' nude photos by correctly guessing the celebrities' password-reset security questions, or by using phishing emails to trick the celebrities into divulging their own Apple IDs and passwords.
Cook told the Wall Street Journal that starting in two weeks, Apple users will be notified via email and push notification whenever an account password is changed, iCloud data is restored (i.e. downloaded) to a new device or when an account is accessed from a new device for the first time.
Apple will also apply two-factor authentication to more account-related activities. Two-factor authentication adds another token of identity to the login process. For example, after entering a password, the legitimate account holder would receive a text message containing a temporary PIN on his or her cellphone. The user would need to input this second factor into the login page before gaining access.
Two-factor authentication is also offered by Facebook, Google, Microsoft and Yahoo, but Apple has been criticized because its own implementation currently only covers certain aspects of users' accounts, such as changing iTunes Store payment information. It doesn't apply to new devices being added to an account, to accounts being accessed from an unfamiliar computer or even to when an account password is changed. Cook said those would soon be covered.
Cook also said Apple will make a greater effort to raise Apple users' awareness of security issues, such as by more strongly encouraging users to enable two-factor verification.
"When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece ... I think we have a responsibility to ratchet that up," he told The Wall Street Journal.
- 12 Computer-Security Mistakes You're Probably Making
- 'Don't Take Nude Selfies' Is Not Good Security Advice
- 7 Scariest Security Threats Headed Your Way
Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games. You can follow Jill on Twitter @JillScharr and on Google+. Follow us @tomsguide, on Facebook and on Google+.