Apple now emailing users when iCloud accessed via Web

icloud security primary

In the wake of last week’s theft of celebrity photos, Apple has started beefing up security for its iCloud service. The move, part of improvements also promised by Apple CEO Tim Cook last week, comes just a day before one of the company’s biggest events of the year.

icloud security logout

On the Web, iCloud's advanced account settings allow you to log out all currently logged in sessions.

As first reported by MacRumors, Apple will now send iCloud users an email whenever they (or someone purporting to be them) log into iCloud.com via a Web browser. This seems to happen even if the browser and computer in question are ones that a user has previously logged in with. Apple’s email advises users to change their Apple ID password if they believe someone else is accessing their account. (As an additional tool, iCloud’s Web interface does provide the ability to log out every currently logged in browser in its Account Settings > Advanced.)

Granted, in my brief test, the email arrived ten minutes after I logged in, which could still give an interloper plenty of time to do some damage. Currently iCloud’s Web interface does not have the option to require two-step authentication when logging into your account.

icloud security login

Apple now sends you an email, notifying you when someone has logged into your iCloud account via the Web.

Given the broad publicity over this security issue, it seems likely Apple will take at least some time at Tuesday’s event to respond and potentially discuss what measures are being taken to ensure the security of its users. No doubt the company hopes that this incident won’t overshadow what most assume to be the launch of the next iPhone.

To comment on this article and other Macworld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.