Security gripes

Discussion in 'Apple Music, Apple Pay, iCloud, Apple Services' started by moonman239, Jan 22, 2015.

  1. moonman239 macrumors 68000

    Mar 27, 2009
    I tried to make a purchase from my phone today, but couldn't remember how to answer the security questions. One problem is that I couldn't remember how I answered my first-teacher question. Another is that I misread the next question.

    My main gripe is this: There are so many ways to phrase the answer to some of the questions. For example, for the first-teacher question, I could have typed in "Jane Doe," "Jane," "Mrs. Doe," or perhaps "Mrs. Jane Doe." (Don't even try any of those answers on my account; you'll fail if you do.) Or, if a city's involved, I could have put "Anytown, NY" or "Anytown, New York."

    My point is that the server should be smart enough to know that Mrs. Doe is Jane Doe and that Anytown, NY is the same city as Anytown, New York.

    Here's my second gripe: if I forget these answers, I have to contact Apple Support. Why can't I just have them send me an email to my rescue account, send a text message to my cell phone, and/or ask me when I was born?

    Better yet, they could have me authenticate myself using the Touch ID sensor on my phone.
  2. GGJstudios macrumors Westmere


    May 16, 2008
    Such "guesswork" on the part of the server would make it easier to compromise your account. It's the user's responsibility to remember answers given to security questions. After all, the user gets to choose them.
    You're complaining that their security is robust. That's exactly what you should be wanting. Your email account and DOB can easily be compromised.

    It's not Apple's fault that you forget your password or answers to security questions.
  3. moonman239 thread starter macrumors 68000

    Mar 27, 2009
    I want robust security, but I also want the server to at least be smart enough to know that "Anytown NY" = "Anytown, NY" = "Anytown, New York." The point is, if I show that I know who my first teacher was, and where my favorite job was, that should be good enough.

    Anyways, I'd be fine with a text message or Touch ID authentication (yes, it can be broken, but using it requires both physical access and a lot of time.)
  4. Primejimbo macrumors 68040

    Aug 10, 2008
  5. moonman239 thread starter macrumors 68000

    Mar 27, 2009
    Just found the answers:

    -2-step verification
    -Email to recovery email address if I forget my security answers. (via Website)
  6. BasicGreatGuy Contributor


    Sep 21, 2012
    In the middle of several books.
    Why not use a program like 1Password, so that you can create secure notes and manage passwords etc? It would work well in instances like this, where you have 3 different questions to answer. That way you don't have to remember some obscure phrase answer and can easily retrieve it when being prompted by Apple.

Share This Page

5 January 22, 2015