Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Enhancing Apple ID Safety by Enforcing Security Question Requirements
- Thread starter MacRumors
- Start date
- Sort by reaction score
I hate passwords. If appointed Grand Leader they will be banned. Hackers will be drug out of their basements and beaten, then convicted and finally sentenced to helpful physical labor out in the sun, a fate worse than death to those weirdos.
This whole thing is for Apple's benefit, not ours.
This whole thing is for Apple's benefit, not ours.
I haven't encountered these new questions yet and don't know how Apple is using them so maybe I am missing something, but if Apple wants to secure iTunes accounts from hackers, why can't they just rely on authorization for the machine or device it is being used on? If anything falls outside the devices you normally use, then the flags can be tripped.
Great... Another hoop I have to jump through just because people are dumb enough to keep falling for phishing attempts that ask them for their login details!
You people deserve what you get
You know, you're absolutely right. Why should you have to go to all that horrible, burdensome trouble just because there are many people not as incredibly sophisticated as you.
Yup, all those people who just enjoy using iOS devices, but are not wise to the ways of the electronics, deserve to get ripped off. No, actually, they deserve to have their iPads and iPhones taken away from them!
Ah, hell, just kill the *******s so you won't be inconvenienced.
Yup, I feel your pain...all that bother for security that you don't need.
I hate those security questions - because they never have questions that I have answers for.
No I don't have a pet, no I don't have a spouse, or kids, or a house.
No I don't remember my first teacher's name.
No I don't have a favourite colour or movie or song.
So - What do I do now that I can no longer download ANY iOS apps ?
Will people be able to convince Apple they are me if they guess the answers (e.g. if I put This Sucks as the answer to all the questions) ?
No I don't have a pet, no I don't have a spouse, or kids, or a house.
No I don't remember my first teacher's name.
No I don't have a favourite colour or movie or song.
So - What do I do now that I can no longer download ANY iOS apps ?
Will people be able to convince Apple they are me if they guess the answers (e.g. if I put This Sucks as the answer to all the questions) ?
Last edited:
Well - I'm probably going to have to keep them some where. Random answers to random questions - I wont be remembering that crap.
Exactly - even if that involves logging in via the web, iCloud or iTunes once to set them up.
As it stands - I have two choices, either DECREASE the security level I previously had or stop using iOS.
Well, the questions were strange and I didn't know the answers to most of them. I didn't want to try and be clever and come up with a gibberish answer because I know I'd forget it. I finally picked three questions, thought I was done, then it required another email address...I only have one. It ended up resetting everything so I just gave up.
So I need to setup another email address, and redo the questions (I already forget them), and...I'm too tired for this *****.
So I need to setup another email address, and redo the questions (I already forget them), and...I'm too tired for this *****.
Apple wants to obtain more personal information about its "users."
So - what city was your first kiss
There's truth to that.
If people are forced to use passwords they cannot remember or are forced to make up some answers to questions they cannot remember, they will put in on paper and file it somewhere....yup, somewhere... where was it now..?
Others might even save them digitally.... on some USB stick. Or some NAS.
In other words, that is NOT secure.
IMHO, passwords can only be secure if:
1. the user knows them easily by heart. (duh)
2. they are NOT dictionary words. (to help stop dictionary attacks)
3. some characters need to be typed with the SHIFT key pressed. (so that even if someone is watching you type your password, they cannot know when the SHIFT key was pressed)
4. are sometimes altered but not too often. (password changes that happen too often causes loss of memory...)
A nice way to create a strong password is to combine two non-real words which are logical to you combined with two numbers and two "other" characters.
Example: Non real words; like joining the first letters of each word of the title of a song you like, combined with the the first letters of a saying that inspires you. The numbers can come from the GHz frequency of your first Mac and all that combined with useful and playful help of the SHIFT-key and some usual "alternates" for normal letters (a=@, e=3, o=0, etc.). and end with some weird characters you can easily reproduce....
So, real life example:
Joining the first letters of each word of the title of a song you like: you like: "Highway to Hell" (by AC/DC):
- hth
A saying that inspires you:
"To be, or not to be"
- tbontb
Ghz frequency of your first Mac:
"iMac 233 Mhz"
- 233
Weird characters:
?@/
With a few "shifts":
HtHtb0NTB233?@/
Seems a nasty password.... but trust me.... you will be able to remember it.
Just keep it to yourself...
I developed a system that allows you to securely write them/print them on paper
http://www.passwordsquares.com/
Sadly - remembering another 4 random passwords (3 questions and another email) for a single account is somewhat overkill.
----------
The problem with 'what is your favourite XXXX' is that it assumes you are so narrow viewed/minded to only have ONE of them.
Same goes with pr0n, musicz, appz or anything.
I have two colours that share equal billing at the top.
I have around 8-10 movies that are equally on top of my movie list.
The problem with 'when was the first time you XXXXX' is that some of us are old, and by old I mean - we have no idea when or where we first did half the stuff we did.
So anything that involves favourite or old information - is OUT on questions.
I developed a system that allows you to securely write them/print them on paper
http://www.passwordsquares.com/
Are you friggin kidding me with this?
Are you friggin kidding me with this?
If it wasn't off topic, I'd ask for more information about what is the problem. It is off topic - so keep your delightful thoughts to yourself
If it wasn't off topic, I'd ask for more information about what is the problem. It is off topic - so keep your delightful thoughts to yourself
It's not off topic, it's just that your solution is worse than the problem.
Ugh no way! I hate these questions. I don't see the use either; or you fill in the question correctly and there is at least someone else (family) that knows the answer as well. Thats why I opt for the second method: fill in random words, thinking 'I should remember this'.
Then, 5 years later when you might need it, you forgot the words ofcourse.
Unless it's asked when you need to download an app, that would be even more pointless.
Then, 5 years later when you might need it, you forgot the words ofcourse.
Unless it's asked when you need to download an app, that would be even more pointless.
If by worse, you mean better - then you are correct.
Otherwise - you must have missed the point.
----------
I tried to download a free app today and I was asked. That is indeed the problem.
How about they fix a more serious security issue: You can sign up separate accounts with xxxyyy@gmail.com and xxx.yyy@gmail.com; but gmail resolves both addresses to the same gmail account. So the person using the scond Apple ID gets all their emails / receipts and password resets sent to the other person's gmail account.
This is just dumb. It's bad enough iTunes doesn't keep you logged in when it offers to, now more annoying questions??
Did Apple employ a security expert from Microsoft or something?
(come to think of it - anyone who comes up with denying access to the file system as a 'security measure' - could come up with pesterware purchasing)
Starting to make PayPal look pretty good, Apple - no mean feat - nice one!
Did Apple employ a security expert from Microsoft or something?
(come to think of it - anyone who comes up with denying access to the file system as a 'security measure' - could come up with pesterware purchasing)
Starting to make PayPal look pretty good, Apple - no mean feat - nice one!