iCloud Security Concern: browser session authentication storage after 2-factor?

Çağlar Arlı

Does anyone know how Safari or Chrome stores a www.icloud.com session authentication after logging in and passing 2-factor authentication? Is it stored in an encrypted cookie?

My concern is, if logging into iCloud from someone else's device (or browser), this session cookie could be stored. A malicious person, perhaps unknown to the system owner, could grab the session cookie and username/password from logged keystrokes. Now this person has bypassed 2-factor authentication and can access:

iCloud Keychain, iCloud iOS Backup (with password attack) and much more iCloud data including calendar, contacts, notes, photos, etc.

It seems like a big risk because many people store website passwords, including passwords to encrypted backups (Time Machine), on the keychain. This type of attack could expose all of this.

Appreciate your input and any steps you take to avoid this.