Yet Henze won't help Apple patch the exploit because its bug bounty program only pays out to researchers for disclosing bugs on iOS and not macOS. "It's like they don't really care about macOS," he told Forbes. "Finding vulnerabilities like this one takes time, and I just think that paying researchers is the right thing to do because we're helping Apple to make their product more secure."

This is the second time in a couple of weeks that a teenager has unearthed an Apple security problem (Henze is 18). A 14-year-old tried to alert Apple about the Group FaceTime bug that allowed you to listen in to others before they answer the call. Apple said it will issue a fix for that this week, though it's unclear when it will repair the password exploit.