So about 3 weeks ago, I set up double authentication. At that time, every device on my account was required to do the double authentication when that particular device tried to download an app (free or paid). Worked like a champ!
Yesterday, I bought my daughter a new iPhone5 (sold her 4). So, I performed an iCloud backup (she has a separate @me Apple ID for her personal stuff, and we used a shared iTunes Apple ID for apps, music, etc.).
The new iPhone5 restored itself from the iCloud backup just as advertised without any issue using both her Apple ID and the iTunes Apple ID.
However, today she asked if she could purchase an app and I said, "yes" expecting it to require the double authentication (first app ever purchased with this new phone). However, it downloaded the new app without any issues. I did however receive an email that stated a "new device not associated with your iTunes account just purchased an app."
During the restore process, I had to input the user name and password for the shared iTunes Apple ID before it would start downloading all her apps. But even then, it never prompt me for authentication.
This gets me thinking...if someone hacks into my AppleID, they can simply "restore from backup" and circumvent the double authentication.
Anyone know what's going on here?
Yesterday, I bought my daughter a new iPhone5 (sold her 4). So, I performed an iCloud backup (she has a separate @me Apple ID for her personal stuff, and we used a shared iTunes Apple ID for apps, music, etc.).
The new iPhone5 restored itself from the iCloud backup just as advertised without any issue using both her Apple ID and the iTunes Apple ID.
However, today she asked if she could purchase an app and I said, "yes" expecting it to require the double authentication (first app ever purchased with this new phone). However, it downloaded the new app without any issues. I did however receive an email that stated a "new device not associated with your iTunes account just purchased an app."
During the restore process, I had to input the user name and password for the shared iTunes Apple ID before it would start downloading all her apps. But even then, it never prompt me for authentication.
This gets me thinking...if someone hacks into my AppleID, they can simply "restore from backup" and circumvent the double authentication.
Anyone know what's going on here?
Last edited: