2 factor authentication is a no longer an option, it’s a requirement. Agree.
Two particularly interesting points in this article:
1: It looks like Apple may have allowed API calls to bypass basic security steps like brute force protection. If true this is a pretty basic mistake.
2: In case you hadn’t already seen it, Russian hackers have gained the credentials of some 1.2 Billion individuals. If they have recovered your password for any one system, they will try it against all the others and we all know that a lot of people use the same passwords for many services. All it takes is the compromise of one improperly hashed and salted password list and you (or the people using your data) are owned…