Why does iTunes requires complicated passwords?

Discussion in 'Mac Applications and Mac App Store' started by HarryPot, Jan 5, 2011.

  1. macrumors 6502a

    Joined:
    Sep 5, 2009
    #1
    Today I was trying to change my iTunes account password. Currently my password has lowercase letters and numbers.

    To my surprise, the new passwords now need to have at least one uppercase, one lowercase and one number. Why?

    I've always hated to use uppercase in passwords.:(
     
  2. macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #2
    Because more complex passwords, such as those with upper and lower case letters and numbers, are harder to guess and your iTunes account is less likely to be hacked. It's a good habit to always use complex passwords.
     
  3. macrumors 603

    firestarter

    Joined:
    Dec 31, 2002
    Location:
    Green and pleasant land
    #3
    Er... because it's supposed to be a strong password to keep your credit card safe?
     
  4. thread starter macrumors 6502a

    Joined:
    Sep 5, 2009
    #4
    I know. But, why make it a requirement?

    I use complex passwords for most of my mail/computer/bank accounts. But for iTunes, I prefer a simple password. I don't have a credit card registered, I just buy Gift Cards.

    And a combination of letters and numbers can be quite difficult to hack.
     
  5. macrumors 68030

    RaceTripper

    Joined:
    May 29, 2007
    #5
    I use 1Password to create really complicated passwords, and I don't use the same one twice.

    Recently, I changed my MobileMe password. I still have auth errors as a result. Apple needs to manage/fix single-signon password changes better.
     
  6. Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Detroit, Michigan
    #6
    You should consider using Lastpass to manage and generate strong passwords. Identity theft is the biggest threat to users through their computers/Internet more-so than viruses.

    Security Now >>podcast<< on Lastpass.
     
  7. thread starter macrumors 6502a

    Joined:
    Sep 5, 2009
    #7
    I have considered using those kind of software before. But how do they work in the iTunes store in the iPhone? My bigger problem is entering the passwords there. I do change between two accounts quite frequently, and using uppercase is just an extra hassle.
     
  8. Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Detroit, Michigan
    #8
    I've used both 1Password and Lastpass; I prefer Lastpass, but neither will work directly with iTunes. They integrate with your web browser. Lastpass will even work on the iPhone, but not with iTunes... I think.

    It's your decision of course, but the more convenient the password you have, the less secure it is. Go ahead, use an easy to guess password that can be cracked with a brute force dictionary attack. You may only use gift cards now, but you may change your mind someday and enter CC info. If so, I sure hope you use a more secure password to protect yourself.
     
  9. macrumors 604

    chrono1081

    Joined:
    Jan 26, 2008
    Location:
    Isla Nublar
    #9
    As others have stated not only is it important for your safety, but if someones account gets hacked on iTunes it blows up in the media since its Apple related and then makes Apple look bad when in reality its the fault of the person with the weak password.
     
  10. macrumors 68000

    bobr1952

    Joined:
    Jan 21, 2008
    Location:
    Melbourne, FL
    #10
    There are threads here about iTunes and how some accounts have been compromised. Perhaps by weak passwords???? Makes sense to require ones that are a bit more robust. :)
     
  11. macrumors 68030

    RaceTripper

    Joined:
    May 29, 2007
    #11
    Now that would matter if I cared about Apple's standing in the media. In reality I care about security, but couldn't care less about Apple looking good or bad. ;)
     
  12. macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #12
    Because it costs them less to make a complex password a requirement than it does to deal with all the people that get their accounts broken into on account of having weak passwords.
     
  13. macrumors G3

    roadbloc

    Joined:
    Aug 24, 2009
    Location:
    UK
    #13
    Most online companies make it a requirement to have a decent password.
     
  14. macrumors 68000

    bobr1952

    Joined:
    Jan 21, 2008
    Location:
    Melbourne, FL
  15. macrumors 68030

    RaceTripper

    Joined:
    May 29, 2007
    #15
  16. macrumors 65816

    Joined:
    Jan 16, 2010
    Location:
    Kennesaw, GA
    #16
    Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_2_1 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5)

    If apple allowed easy passwords but didn't offer credits to people with hacked accounts, you would probably be bitching about that when your account got hacked. :p
     
  17. macrumors newbie

    Joined:
    May 10, 2010
    #17
    Complex passwords are only harder to guess in a situation where Apple's servers are compromised giving hackers offline access to the password file.

    In an online attack (where hackers simply try entering you password at an Apple logon page) as long as you do not use a stupid password like 'password' or the name of your dog a simple random lower case word is just as hard to guess. Apple blocks your account after a small number of incorrect guesses (see http://support.apple.com/kb/TS2446) so unless the hacker is incredibly lucky your account is safe.

    Of far more importance is the difficulty of your password reset security question and that you never log in via a link sent in an email.
     

Share This Page