Credit: REUTERS/Eric Thayer Apple on Tuesday began offering an additional security protection for iCloud account users, a move the company made following the theft of nude photos from several celebrities’ accounts last month.The defense, called two-step verification, involves entering a numerical passcode that is sent by SMS to users’ phones after they’ve entered their username and password. Apple recommends that users set up two-step verification, although it is not mandatory.Apple has had a two-step verification feature for iTunes and App Store accounts, but for some reason the same protection wasn’t offered for iCloud.The celebrity iCloud accounts were thought to have been accessed after hackers guessed their usernames and passwords, possibly by answering the security questions Apple poses if someone loses their password. Apple maintained that its former implementation of two-step verification for certain account changes would have protected the victims, as a code would have been required before someone could even see the security questions.The company came under enormous pressure after the nude photos were published on various websites. CEO Tim Cook told the Wall Street Journal on Sept. 5 that the company planned to send new warnings when account settings were changed, in addition to two-step verification for iCloud. In an email to iCloud customers on Tuesday, Apple said that third-party applications will still be able to access data in iCloud, but users will have to set up application-specific passwords no later than Oct. 1.Those passwords allow applications that may not support two-step verification to continue to pull data without inputting the numerical code.Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk Related content feature Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities report CISA’s recommendations for vendors, developers, and end-users promote a more secure software ecosystem. By Chris Hughes Sep 21, 2023 8 mins Zero Trust Threat and Vulnerability Management Security Practices news Insider risks are getting increasingly costly The cost of cybersecurity threats caused by organization insiders rose over the course of 2023, according to a new report from the Ponemon Institute and DTEX Systems. By Jon Gold Sep 20, 2023 3 mins Budget Data and Information Security news US cyber insurance claims spike amid ransomware, funds transfer fraud, BEC attacks Cyber insurance claims frequency increased by 12% in the first half of 2023 while claims severity increased by 42% with an average loss amount of more than $115,000. By Michael Hill Sep 20, 2023 3 mins Insurance Industry Risk Management news Intel Trust Authority attestation services now in general availability Formerly known as Project Amber, Intel’s attestation services support confidential computing deployments. By Michael Nadeau Sep 20, 2023 3 mins Zero Trust Security Hardware Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe