Let's see what iCloud has in store for security:
A secondary-device-based approval system where you can only retrieve your keychain if you have another device with the keychain so it can "approve it".
An approved phone number that you yourself verified, because you own the iCloud/Apple ID associated with it so it only makes sense that once that device is approved, you can use it.
A password with strict alphanumeric and capitalization rules: SoThisPassword1159 would be secure enough and have about a less than 1% chance of being cracked by brute force by some of the best hackers in the world.
And lastly, a passcode PIN that you associate with the account.
But if you forgot the PIN or if you have no device to approve from because, for example, your MacBook and iPhone were stolen, you're screwed. You have to reset your entire Keychain.
I know what you're thinking: Why even approve a phone to begin with? That's a good question that I don't have the answer for. It's a completely stupid and asinine security layer. In fact, the entire password system, the Apple ID login, the SMS recovery system is all pointless if you forget some stupid 4-digit PIN that you NEVER use again.
So thanks Apple. Your Keychain is worthless and Google's password storage on Chrome is decades ahead and more convenient. I love your hardware and your OS but your emphasis on security leaves a lot of regular users abused by redundant measures that end up damaging us more than they protect us. There should ABSOLUTELY be a way to recover your keychain if you know enough about the account without remembering the PIN, otherwise what is the freaking point of the SMS system?
Signed,
Screwed Over and Should Have Relied Only on Chrome