Do This Immediately, To Protect Your iCloud Account

Simple stuff you should do right away. Spend five minutes doing this, today!

With more and more worry surrounding the hackers’ claims that they might have direct access to 600+ million iCloud accounts and Apple IDs (more news on that here) we need you to do some really simple things, to protect your data and save yourself lots of heartache later on.

We at Chip-Monks still believe in Apple and it’s ability to protect us, however it is a very good thing for you to do all of the below, periodically too.

There are five basic you need to do right away.

1. Change Your Password:
   Well the first obvious step is to change your iCloud password. This is for two reasons:
   First — the threat of an iCloud break-in by the hackers is based on their access to a database of login IDs and passwords. So, if you change your password, there goes the use of the password they supposedly possess!
   Two — Most of us use the same password on more than one account, meaning that if one were compromised, the password thus obtained can be used on our other accounts. Once you change your password, please also spend 5–10 additional minutes to ensure that you change passwords across all your other accounts too. We’ll cover this in #5 below, too.
   PS: The iCloud and Apple ID password are one and the same. There are reasons why Apple maintains two different names and nomenclatures, but that’s meat for another article. For the time being, just relax in the knowledge that changing either one of them protects you on both counts.
2. Ensure that that Two Factor Authentication is active on your Apple ID:
   If you already have this enabled on your Apple ID then you’re a rock star! But if you don’t, then make it be a priority to have this set up on your Apple ID.
   What this will basically do is ensure that no one can access your Apple ID from an unknown device, even if they have your login credentials! When you, or any one else, does try to log in, Apple will send codes to your existing devices, for approval, like an OTP.
   Your Apple ID will only become accessible on a new/unfamiliar device or computer, once that unique code is input.
   We sometimes don’t enable this on our accounts simply because if we have to log in from a new device, say a friend’s device, for whatever reason, it makes our log in procedure more complicated, but an extra five minutes on an occasional off chance thing that you might have to log in from a friend’s device is a good compromise for a more secure account, is it not?!
3. If you think you have the two-factor verification enabled, then double check to ensure that you do not confuse it with the 2 Step Verification system:
   Well, yes, there are two of them. The two-factor verification system, which basically won’t let you log in to a new device without verification via codes. While similar, Two-Factor Authentication is better — it is a newer security method that’s built directly into iOS, MacOS, tvOS, watchOS, and Apple’s websites. It offers a more streamlined user experience and is required to use certain features that call for enhanced security. So, we prefer you enable Two Factor Authentication instead of relying 2 Step Verification — please remember to check and ensure that you’ve chosen the right version!
4. Check The List Of Devices Logged Into Your Apple ID:
   Log in to your Apple ID via a computer (www.icloud.com or www.appleid.apple.com) and check the devices that are logged into your account. You’ll see a list of all the devices that are “known” to your Apple ID. You should be able to recognize all of these, and if there are any that you don’t recognize, you should reject that device, log out of it, and then change your password, just to ensure that you are safe, and no unknown person has access to your account.
5. Use A Password Manager:
   Remembering different passwords for each site is actually quite impossible, especially give that the password specifications for each site make it difficult for us to even come up with a rememberable password in the first place. Which is why once we hit that password that we can remember, we start using it everywhere, nullifying its very purpose and sanctity.
   A better way to do this is to use a reliable password manager, so that the brunt of remembering the password does not fall on your memory, and you can use different passwords for everything.
   Personally I let Safari (and thus, iOS & OS X) remember my passwords for me — and I can even see my passwords by going into the device’s settings, if I have to enter them manually somewhere.

Having done all of the above, we believe your account should be quite secure, and you shouldn’t have much to worry about.

We would also like to reiterate that the evidence that the hackers actually have access to that many account details is pretty thin. Also, it is doubtful that the breach is on the part of Apple.

What could be a possible reason for the hackers having any information at all is a third party leak, and the fact that we use the same passwords everywhere, is the real vulnerability that the hackers may be intending to exploit.

As more on this unfolds, we would like for you to treat this very seriously as a warning and to urge you take the minuscule effort to making your accounts more secure, and less as an instance to panic. If you are doing the latter though, you can check here on how to survive an Apple iCloud wipeout.

We will keep you posted on more.

Originally published at Chip-Monks.