If someone tries to hack into your Apple account, entering your password incorrectly too many times, or giving the wrong answers to your security questions, Apple will recognise the attack and will lock your Apple ID.
This is good because it means an attacker can’t gain access to your Apple ID - which would let them get into your iCloud email, iMessages and FaceTime, as well as allow them spend your money on the App Store or in iTunes.
However, sometimes its not an attacker trying to hack your account, sometimes it’s you getting yourself locked out of your account because you forget your password (if that happens here’s how to fix it by changing your Apple password).
How to find out if your Apple ID has been hacked
If you are locked out of your Apple ID, and it wasn’t because you got your password wrong, the first you will hear of it may be when you receive an alert from Apple saying one of the following: 'This Apple ID has been disabled for security reasons', 'You can't sign in because your account was disabled for security reasons', or 'This Apple ID has been locked for security reasons'.
You may also receive an email from Apple detailing how to reset your Apple ID password, this might be sent if the hacker tries to change your password.
Alternatively, if you have set up two-factor authentication, you may see an alert on a trusted device saying that someone has logged into your account, giving a rough idea of the location where the login took place. Note, that sometimes the locations that come up don’t appear to be anywhere near the place where you logged on, so don’t automatically panic if you get an alert saying someone logged in to your Apple ID in Peterborough if you just logged in Suffolk. However, if you haven’t just logged on and you see an alert like this there may be reason to be concerned.
How to unlock your Apple ID
Whatever the reason for Apple disabling your account, it is possible to get back in again, you just need to follow these steps to recover your account and create a new password.
- Go to iforgot.apple.com
- Enter your Apple ID - usually the email address associated with your Apple account.
- Enter the Code to prove you aren’t a robot.
- Click Continue
The next page will differ depending on the form of security you have set up for your Apple account.
If you have set up two-factor authentication you will receive a code on a trusted device or in a text message on your phone. You will need to enter this verification code before you can unlock your account and change your password.
If you use the older two-step verification you will need your recovery key that was sent to you when you set up two-step verification in addition to a code sent to a trusted device. If you don’t have the recovery key (which was a 14-digit code Apple would have sent you when you set it up) you might be a little stuck.
If you haven't set up either of these methods of security then you will either have to unlock your account using your password, or you will have to answer some security questions you will have told Apple the answers to at some point.
If you have forgotten your password (or if you are now feeling a bit cautious about whether your password is strong enough) you can change your password here. We talk in more detail about how to change your Apple password in this article.
If you don’t manage to unlock your account after a few attempts it will remain locked, but you will be able to try again the next day.
How to protect your Apple ID from hackers
To avoid being a target for people who try and hack into your Apple ID make sure that you don’t respond to phishing emails. These are fraudulent emails disguised as emails from Apple that tell you to log on to your Apple ID. You can generally spot a phishing email because of bad grammar and poor spelling. You should also check the address that the email is sent from (not just what the address appears to be, but by clicking on the arrow beside the address in Mail you can see if the real address is something completely different). To avoid any chance of being caught in a trap like this never log on to your Apple account from an email. Always go to iCloud.com.
The other way to avoid being hacked is to make sure you have a really strong password. We have an article on choosing a strong password here.
And, finally, if you haven’t already, set up two-factor verification. We explain how to set up two-factor verification on your Apple account here.