Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Enhancing Apple ID Safety by Enforcing Security Question Requirements
- Thread starter MacRumors
- Start date
- Sort by reaction score
Great... Another hoop I have to jump through just because people are dumb enough to keep falling for phishing attempts that ask them for their login details!
You people deserve what you get
Wow, you must be really smart.
----------
Me too! Are you going to the 70th reunion?
----------
Right, because inevitably your first reaction to your security questions after you forget your password is "Why yes, my first school was tangerine trees."
Maybe it was.
I don't like these security-questions either. The questions often are uninspired. Very often, I find only one of the questions useful or applicable but the answer would be too simple. Like my mothers first name or such.
I tend to write down the security questions including the answer the same way as all the passwords and store them somewhere hidden.
Great security, I know.
I tend to write down the security questions including the answer the same way as all the passwords and store them somewhere hidden.
Great security, I know.
Right, because inevitably your first reaction to your security questions after you forget your password is "Why yes, my first school was tangerine trees."
Owned!
I like that Apple is taking security seriously but I hate answering these stupid security questions because I can never remember my own answers.
And all this time I thought the primary purpose of Facebook was to disseminate all your personal information to your friends and neighbors. If not that, what other purpose does it serve? If you have a Facebook account, you've volunteered to give up anonymity and made your life an open book.
Well, given what you said, it sounds like you are suggesting your Apple ID is your personal email. In that case, if you used your work email as a backup to your Apple ID, and had an email sent to that work email to retrieve your Apple ID, you would then be using your work email for personal things now wouldn't you? Yeah yeah, I know, "it's only this one time"
.My employment isn't a concern to you
.Does Apple suggest that you not put answers to your security questions that can be looked up from public sources -- like a Facebook account?
Do users realize that the best strategy is to give non-sequitur responses to this kind of question: The first school you attended was: tangerine trees.
Reason #3 I have no Facebook account.
Well, given what you said, it sounds like you are suggesting your Apple ID is your personal email. In that case, if you used your work email as a backup to your Apple ID, and had an email sent to that work email to retrieve your Apple ID, you would then be using your work email for personal things now wouldn't you? Yeah yeah, I know, "it's only this one time"
My employment isn't a concern to you
You aren't allowed any personal email use at all on your work account? Ouch.
Does Apple suggest that you not put answers to your security questions that can be looked up from public sources -- like a Facebook account?
Exactly. So you have an impossible to hack password erfh934r71rfgh3##$14jri, and then a security question "What's your name" that bypasses all security. What kind of security expert came up with this idea?
Me too! The girl with kaleidoscope eyes and I were crowned King & Queen of prom. Good times...
Right, because inevitably your first reaction to your security questions after you forget your password is "Why yes, my first school was tangerine trees."
I keep paper copies of all my answers... in a very secure location (bank lockbox)
Now for the obvious question.
Has anybody here in this thread had this security thing pop up on your device ?
Has anybody here in this thread had this security thing pop up on your device ?
Although this is a good start, Apple ID security is a joke. If your Apple ID is @me.com or @mac.com, you can't change it to something else. If your account is constantly getting locked due by automated hacking script, there is nothing you can do but unlock several times a day.
I can't create an iTunes act with out a cc or gift card now either used to by just downloading a free app
Distinguishing between a new purchase and an update makes the most sense to me.
I don't see why updates even require the password. Is there any risk just allowing updates to occur as soon as you push the "update all" button? The apps are already on the device. Do I really want the downloads interrupted half way through with a dialog for one of the apps asking me to confirm that I'm still over 18? Is there anyone using Apple products that ages in reverse?
I agree with the extra security questions for any new purchase, however.
Seriously. I don't know who the security experts are that seem to set the standards for logins everywhere, but they are not experts. They are morons. Forced-mixed casings, numbers, and punctuation make passwords less secure. Security questions make accounts far less secure. One single good (and long) password that you don't re-use on other accounts is the absolute most secure way to protect any account. Everything else is false security at best.
Requiring the password on updates helps thwart app piracy. Because of the password req, you can only share your apps to people whom you don't mind sharing your password with, or at least see in person often enough to type your password in on their device for them to get updates.