back to article Apple iCloud Keychain easily slurped by cops, ElcomSoft claims

ElcomSoft, the Russia-based maker of forensic software, has managed to find a way for crime investigators to access the data stored in Apple's iCloud Keychain, if Apple ID account credentials are available. Apple's iCloud Keychain is a remote copy of the password vault that's optionally available to users of iOS and macOS …

  1. This post has been deleted by its author

  2. Anonymous Coward
    Anonymous Coward

    I love Apple.

  3. Povl H. Pedersen

    Big problem

    NOT. To get access to the keychain you need:

    icloud username and pasword

    and a verified device with 2FA.

    Then you can get access to the keychain.

    The only thing you bypass is really the local device password of the device having keychain access. Is this a problem ? Not really, but it means I will take my non-pasword protected iPad that the children uses, and move it to a family account.

  4. Anonymous Coward
    Anonymous Coward

    Get all my noodies, celeb or otherwise, through Elcomsoft's superb tools. Top Russian lads.

  5. SAdams

    “Easily slurped” ?

    Even for people who do not have 2FA - which Apple have pushed and users have to reject - you still need AppleID and password ? So its like single factor authentication ?

    Moral of the story, if you use Keychain, use 2FA. And always use a unique password for your apple ID, and for any email accounts that may involve password resets.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018