Just a day after Apple released “Two Step Verification” for it’s iCloud and Apple ID, a huge security bug has been discovered in Apple ID password reset process. And good news is Apple already fixed it.
iMore first reported the issue which could lead hijackers to reset Apple ID passwords only with an email address and date of birth. As soon as the report came alive, it caused a huge security concern. Apple immediately took down the Apple ID reset process (iForgot page). Then Apple admitted the issue, and freeze all account which got reset in recent time.
Now we could confirm Apple fixed the issue, and all accounts are safe now.
We already explain how Two Step Verification works, and posted a how-to guide for enabling Two Step Verification for your account. You should enable it to be safe now or even in near future.
Thanks: The Verge