"Your Apple ID is being used to log into Facetime on a new iPad"

Brendan Burgess

Founder
Messages
51,906
I got this message today.

I don't use Facetime - well at least not intentionally.

So I logged in to Apple and changed my password and ticked the box "log out from all devices"

Do I need to do anything else?

Brendan
 
My husband got an email from Netflix that someone had logged onto his account in Dublin yesterday. Very odd we thought.

I've no idea about Apple or Facetime. It's very difficult to keep up with all the new technology. I also got a call from 'Microsoft' in California via India a week ago. I put down the phone on that one.
 
Did you have a complex password set on your Apple ID and have you used that same password elsewhere? Due to rate-limiting, it would be quite difficult to brute-force an Apple ID password, so it's much more likely somebody found your username and password elsewhere (for example the big LinkedIn hack a few years ago) and used it to login to your Apple ID first time.

Or if you have an iPad, is there any chance FaceTime did just login on it? Once your Apple ID has been added to the device (for the likes of the App Store) you wouldn't have to do much for it to be used for other services on the device, for example a child could launch FaceTime and tell it to use the existing Apple ID to login etc.

Regardless, what you should do is to -
  1. Change the password on your Apple ID as you have
  2. If you used the compromised password on any other sites, change the passwords on these sites as well. Cross-site password usage is the most common cause of your accounts being compromised. To avoid password re-use, try one of the password safes out there, which allow you set long complex unique passwords for every site you use without needing to remember each
  3. Turn on two-factor authentication on your Apple ID, which eliminates the chance of the account being used if your password is ever compromised again - https://support.apple.com/en-us/HT207198. This goes for any service you use, but especially important ones like Gmail/Apple ID etc.
 
Zenith

That is great - thank you very much for such a systematic reply.

I think it must have been myself who logged on accidentally.

1. I have changed the password anyway to something even more obscure.
2. I hadn't used the original one anywhere else.
3. I have two factor ID turned on. That is where they text me a number to change it?

Brendan
 
3. I have two factor ID turned on. That is where they text me a number to change it?

Yeah they should text you or create a pop-up on your other iOS devices any time you try to change the password or login to additional devices. Worth taking a look at the Apple link I posted though as they've pimped-up 2FA recently, but you need to take an action to fully enable it.

With 2FA turned on though you should never need to worry about this account to be honest, even if somebody did get your password it would be useless to them as they'd then need to get access to your mobile number (doable, but extremely difficult and not worth somebodies effort unless you become fabulously wealthy or famous some day).
 
Did your iPad do a software update recently? Mine has given me that warning a few times after an update
 
Hi John

I updated the software today after receiving the message and changing my password.

But I have just received a text to my mobile telling me again that a new iPad is using FaceTime.

I think it's unlikely at this stage.

Brendan
 
Hi J

It wasn't an email.

It was the usual Apple message you get when you log on from a new device. It wasn't one I could respond to.

Brendan
 
Back
Top