iPhone [Security] Kinda Shocking Apple Support Experience

Discussion in 'iOS 8' started by bushido, Nov 13, 2014.

  1. bushido Suspended

    bushido

    Joined:
    Mar 26, 2008
    Location:
    Germany
    #1
    So here's the thing.

    Friend of mine forgot his apple ID password (he's the worst when it comes to technology) but had Find My iPhone enabled so we could not restore his old iPhone 5 obviously. We went on the computer to try resetting the password. We didn't know the security questions either so we tried to get it reset via his email. We tried it a couple of times but the email never arrived at his Hotmail address (I did check the spam folder).

    We nearly gave up but I decided to try the Apple support Hotline anyway, now here's the shocking part and I am amazed it actually worked....

    First of all I pretented to be him cuz as I mentioned he sucks at anything involving technology. I said that I forgot my Apple ID password and resetting does not work because the email never arrives. So all they asked was for my (his) name, the serial number of the iPhone and an alternative email address to sent it to. So 24 hours later I got an email to my email address so we could reset the Apple id password and to disable Find My IPhone.

    I am pretty shocked by this. Let's say someone would have stolen his iPhone. Anyone would would have been able to guess his name from the Apple ID pop up when it asks for the password cuz his email from the Apple id was "first name.lastname@xy.com" and get help from the Apple support Hotline
     
  2. maka344 macrumors 65816

    maka344

    Joined:
    Nov 4, 2009
    Location:
    London, UK
    #2
    That's not good.

    I thought they ask you to cite the three security answers that we all created a while back?!
     
  3. bushido, Nov 13, 2014
    Last edited: Nov 13, 2014

    bushido thread starter Suspended

    bushido

    Joined:
    Mar 26, 2008
    Location:
    Germany
    #3
    I said he (i) don't remember them cuz a friend of mine set up the account for me ages ago (cuz I am (he) a tech idiot) which is the truth and thats the reason I would need to reset the password in the first place

    I just had to wait 24 hours for whatever security reasons before I got the reset email
     
  4. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #4
    There will always be some representatives pretty much anywhere that might do something that doesn't align with an established policy, or overlook something for some reason, or make a mistake, etc., etc., etc. Now, if this is the experience with at least a number of representatives or actually a decent proportion of them, then it can be a bigger issues. Otherwise it's more of an anecdotal occurrence which can happen here and there with all kinds of things in life.
     
  5. Syndicate0017 macrumors 6502

    Joined:
    May 3, 2013
    #5
    [Security] Kinda Shocking Apple Support Experience

    I don't mean to come off as calling you a liar, but it's not even remotely this easy for enterprise support. We have devices enrolled in DEP (which basically means that they are 100% enterprise owned devices) and even when we have an activation lock, I have to provide the serial, purchase order number, and wait 3-5 business days for their support team to unlock offending devices.

    I don't see how or why anyone at Apple would just send it to some alternate email when ownership of the device couldn't even be proven from the information you provided him. Anyway, glad you got it unlocked but I have my doubts about this actually occurring (at least in the manner described).
     
  6. aham23 macrumors regular

    Joined:
    Oct 31, 2011
    #6
    this was not my experience. it was about a 20 min call where they had me try to guess the answers, then verify addresses, last four of credit card tied to the account, and tons of other stuff, before they agreed i was me.
     
  7. eww7633 macrumors regular

    Joined:
    Dec 15, 2008
    #7
    I'm going to say this is a lie. I know for a fact that the iForgot email can't be sent without verifying the account First. The system will not send it, period.
     
  8. mercuryjones macrumors 6502a

    Joined:
    May 31, 2005
    Location:
    College Station, TX
    #8
    That's not what was supposed to happen. I went through the same thing, called Apple Support and still had to answer the 2 questions correctly, before they would send the email 24 hours later to the alternate email.
     
  9. H3boy macrumors regular

    H3boy

    Joined:
    Jul 8, 2013
    Location:
    Charlie West
    #9
    Interesting, Did you call from a phone number listed on his account?
     
  10. bushido, Nov 14, 2014
    Last edited: Nov 14, 2014

    bushido thread starter Suspended

    bushido

    Joined:
    Mar 26, 2008
    Location:
    Germany
    #10
    no cuz i thought i might have to use the phone to show them something while i am talking to them.

    they asked for his name (which i would have gotten from the apple id pop up like i said), his age and his address (which i would have gotten easily just by checking "me" from inside the contact app).

    we did know the passcode but what if someone does not have a passcode? this seems a bit too easy to disable find my phone to restore it. anyway, i am not lying and i got the email exactly 24 hours later to MY email address that has MY name on it and we were able to reset it.

    at the end of the day its maybe a good idea to not use your proper information under "me" or just use a passcode of course ;)
     

Share This Page