After taking down iforgot.apple.com following a serious vulnerability found earlier today. The security vulnerability allows Apple ID password to be reset with only email and birthdate. Accounts with two-step verification is not affected by this vulnerability. Apple took down its Apple ID password reset site to address the vulnerability.
Apple rolled out two-step verification for Apple ID on Thursday March 21, 2013.