Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

Password reset for AppStore account - Kafkaesque Nightmare... :(

glawrie

macrumors member
Original poster
Oct 31, 2005
49
3
Maidenhead, UK
I have a couple of questions about the App Store reset process - the TL;DR option is to scroll to bottom of posting to read those ... what appears first is a bit of contextual information.

In 2010 I set up an appstore account just for 'work' software - so as to separate this (for accounting reasons as much as anything) from personal software purchases. It worked just fine until July this year, when somehow the password got changed.

I noticed the issue when in August some software updates for apps linked to the account would not go through because the account password was rejected. It turned out that none of my (few) devices could connect to the account with the password I knew. I tried working through the password reset process but this is made more complicated because no device is logged in using the app store account (which is understandable, since it existed only to purchase software from the store). When there is no device connected, you have to through a multi-day process that requires proof of access to the email account, credit card and phone number associated with the account: when you provide this Apple sends you a note saying that some other communication will be sent in due course with details of how the password could be reset; I have successfully completed this process now around a dozen times and this additional communication has never arrived.

In September I contacted Apple Support to see if they could find out why the reset was failing. It is now six weeks in, and no sign of any resolution - all Support do is require me to walk through the standard process on my computer while talking to them on the phone to trigger the reset by email process - and tell me to wait... in variably the process has failed, and I talk to them again, am required to do the process again... etc. The last three times I have begun to challenge them about what is actually happening, and finally they told me that they think that between starting the process and the reset communication being sent, some device connects successfully to the appstore using the ID in question - when this happens the reset process is automatically terminated. All the devices I can find have been checked to ensure that they are logged out of the account and have been turned off if possible; yet the rogue connection is still being made.

At this point it is unclear where this rogue connection is coming from - but Apple will not tell me any more about it (e.g. where from, what kind of device, whether any activity happens on the account subsequent to the connection) on the basis of privacy issues. When challenged they refuse to say whose privacy - clearly it is not mine, so presumably it is that of whomsoever is connecting to my account - if that person is me, there should be no privacy issues in telling me more that would help me find the rogue device (assuming it is mine), if that person is a fraudulent user of my account presumably it is to protect their continued fraudulent use of the account...

So the questions:

1) Does anyone know whether there is any other way into this issue that might work more effectively - it seems currently like this privacy protection defence by Apple will prevent me ever being able to regain access to my account - is there a better question I can ask Apple Support?

2) If I am unable to reset the password (due entirely to Apple's inability to share information with me that would allow me to reset the password) is there any mechanism that would enable me to recover access to the software I had purchased using the account (or get a refund for its value from Apple)?

If not - looks like these Apple policies have the effect of rewarding account hijacking - if you can get access to someone else's App Store account just change the password and then Apple will actively protect your right to continue to use it - quite bizarre... regardless of what the actual owner of the account wants!
 

brianmowrey

macrumors 6502
Oct 5, 2020
337
98
Landed here via a random Related Threads list.

they refuse to say whose privacy - clearly it is not mine
It is yours. Or rather, it's all users. Apple support never provides access / usage info as doing so would turn support into a pathway for data collection. This is true even though there are plenty of other avenues for getting the same data, such as by hijacking an account, which render the harm of giving the info out in Support redundant. Apple still isn't going to open that path.

I worked account support in the very twilight of being able to see anything at all. I could see what devices had logged into, say, my own iTunes Store account, and would be able to notice a device that I did not own and the date that it first logged in. That was taken away in 2011. For another year, I could still reset any account password if I was convinced I was chatting with the owner, except the few that had been hijacked via support so often by stalkers/ exes / weird obsessed hacker neighbors that they had Account Security warnings. Then in 2012 password reset became automated within Support Tools, so we were just voices on phones to yell at.

Your next step is either 1) keep trying the process that hasn't worked in hopes it one day does work, or 2) wait for Apple to change their Support automated reset process again, as they constantly have been since 2012, in case some future change makes it work for you, or 3) lawyer.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.