Apple tells Jennifer Lawrence to make her Password Stronger

Apple tells Jennifer Lawrence to make her Password Stronger

icloud hack

After the embarrassing celebrity photo leak, Apple has promised to tighten security on their iCloud storage services but has blamed weak passwords as the cause.

Last week a hacker managed to infiltrate Apple’s iCloud system and released nude images of celebrities including Jennifer Lawrence.

Of course the story went viral and now Apple has announced that they will be seriously increasing their security features.

CEO, Tim Cook told the media that the company will be installing email push notifications to alert iCloud users when their images are uploading on a new device.

Prior to the leak, iCloud would sync to other devices without notifying the user as long as they entered a password.

The new security measures are expected to be released in the next two weeks and will help people know when their images are being uploaded to an unauthorised site.

Apple is also urging users to ensure they have a strong and secure password. In fact, part of the reason the accounts were able to be hacked was because their passwords were not secure enough.

This recent security breach is unlikely to hamper the upcoming launch of the iWatch and iPhone 6 however, Cook is expected to make a formal statement on the new security measures that are being adopted.

1 thought on “Apple tells Jennifer Lawrence to make her Password Stronger”

  1. There is a method to safely manage many of high-entropy passwords. It is the Expanded Password System that handles images as well as characters. Each image/character is identified by the image identifier data which can be any long. Assume that your password is “ABC123” and that those characters are identified as X4s&, eI0w, and so on. When you input ABC123, the authentication data that the server receives is not the easy-to-break “ABC123”, but something like “X4s&eIwdoex7RVb%9Ub3mJvk”, which might be automatically altered periodically or at each access if required.

    When such high-entropy data are hashed, it would be next to impossible to quickly crack the hashed data back to the original password. Give different sets of identifier data to “ABC123” and the different servers will receive all different high-entropy authentication data.

    Brute-force attacking of “ABC123” and other similarly silly passwords would perhaps take less than a few seconds with dictionary and automatic attack programs but it could be an exhausting job when criminals have to manually touch/click on the display with their fingers.

Leave a Comment