Despite there being multiple warnings in the past about how one shouldn’t use easy to guess passwords like “password” or “12345678” or “abc123”, there are still users out there who choose to do so, thinking that the chances of them getting hacked are quite low. Well the bad news is that if you have chosen these easily guessed passwords, there are reports of a tool that has been uploaded to GitHub called iDict.
The tool can apparently guess your iCloud password through sheer brute force and can also apparently bypass Apple’s two-factor authentication. The good news is that if you used a hard to guess password and something completely unique, iDict should not work as it basically relies on a 500-long word list of basic passwords in order to make its guesses.
Now the other piece of good news is that it appears that Apple has since patched the vulnerability on their end that allowed the tool to re-enter passwords as many times without getting locked out. However due to the fact that the vulnerability was allowed to remain open for a brief period of time, there is a chance that the tool could have been used, so like we said if you tend to favor easy passwords, perhaps it is time that you start changing it to something a little tougher for hackers to figure out.