torrinor
Level 1 (0 points)

Q: Received a two factor authentication that I did not request - Hacked?

I woke up and noticed I had got an SMS from Apple with a two factor authentication code. I have activated two factor, but I did not request this code since I was sleeping and not logging into any apple app, webpage etc.

 

The only thing I can think of is 1. Someone got hold of my account login information OR 2. an app or something on my iphone tried to authenticate itself.

 

Have anyone of you experienced the same or have an IDEA of what it could be? Could it be a bug in Apple's system?

iPhone 6s, iOS 9.1, Two factor

Posted on Nov 21, 2015 6:19 AM

Close
torrinor

Q: Received a two factor authentication that I did not request - Hacked?

  • All replies
  • Helpful answers

  • by fromsouth,

    fromsouth fromsouth Nov 21, 2015 10:02 AM in response to torrinor
    Level 5 (4,833 points)
    iCloud
    Nov 21, 2015 10:02 AM in response to torrinor

    I do not think it is a bug, but I have already spoken to two people with 2 factor authentication enabled without them realizing that. Either they both lied to me, or Apple make transition too simple and seamless to activate when available. If somebody got a hold of your info sending you the code for that purpose would be the last thing on their agenda, wouldn't it?

    Obviously the normal protection rules still apply, do not click email or SMS links - do not provide any info unless you initiated first contact.

     

    Just in case

    Two-factor authentication for Apple ID - Apple Support

  • by torrinor,

    torrinor torrinor Nov 21, 2015 1:56 PM in response to fromsouth
    Level 1 (0 points)
    Nov 21, 2015 1:56 PM in response to fromsouth

    The SMS came from the same number as regular. I find it really odd that Im getting a random authentication code. The only way to request such a code is when one enter the correct Apple ID and password. None of my other accounts (gmail etc) raised an alarm so I dont think "they", got my password file. And I dont believe it's brute force since my password is 20+ characters long.

     

    I dont think this it's someone that have obtained my password or hacked me in either way, but it's strange.

     

    Does apple have a support mail?

  • by fromsouth,

    fromsouth fromsouth Nov 22, 2015 7:29 AM in response to torrinor
    Level 5 (4,833 points)
    iCloud
    Nov 22, 2015 7:29 AM in response to torrinor

    Check out that thread below - happened same day as you. If you want use the link below on the bottom right of the page "Contact us", email support is available randomly and types of support are defined by the time of contact. I still think you all overreacting, (brute does make sense the way you and him describe) but you are correct, what are the odds?  As you thought originally bug on Apple server is more likely, but support would not be privy to those bugs. I am more inclined those are random checks - seeing how once I add new device, I get bunch of random password requests up to 20 times. Using one id on 5 devices.

    BTW if you decide to save yourself a call/email the first thing and the only thing they will do is to make you change your password...

     

    Received unexpected Apple ID Verification Code.

  • by fromsouth,

    fromsouth fromsouth Nov 23, 2015 3:17 AM in response to torrinor
    Level 5 (4,833 points)
    iCloud
    Nov 23, 2015 3:17 AM in response to torrinor

    torrinor wrote:

     

    my password file.

    Does it mean you use an app to save passwords? didn't trigger till now sorry.

  • by torrinor,

    torrinor torrinor Nov 23, 2015 1:16 PM in response to fromsouth
    Level 1 (0 points)
    Nov 23, 2015 1:16 PM in response to fromsouth

    Yes I do. So my passwords are very strong.

  • by fromsouth,

    fromsouth fromsouth Nov 23, 2015 3:45 PM in response to torrinor
    Level 5 (4,833 points)
    iCloud
    Nov 23, 2015 3:45 PM in response to torrinor

    Your passwords are generated. Wonder now if other guy has same app...

  • by torrinor,

    torrinor torrinor Nov 24, 2015 12:08 PM in response to fromsouth
    Level 1 (0 points)
    Nov 24, 2015 12:08 PM in response to fromsouth

    What do you mean? My passwords are generated randomly and the file is encrypted.

  • by fromsouth,

    fromsouth fromsouth Nov 24, 2015 1:51 PM in response to torrinor
    Level 5 (4,833 points)
    iCloud
    Nov 24, 2015 1:51 PM in response to torrinor

    Think about a hacker that uses the same algorithm to break your password as algorithm used by random (or pseudo random) generator created by developer of the app. Think about someone analyzing his app software enough to understand or even affect randomization. Knowing what set of data is used to generate password (date, size of the device, apple id and so on). I would rather use my own non randomized and simple password then "randomized" by a program. All that is not my area of expertise, I may be completely off base.

    https://en.wikipedia.org/wiki/Random_password_generator