Apple improving iTunes account security with stricter requirements
Apple has begun asking users to select and answer a series of questions associated with their Apple IDs to enhance security measures.
The security prompts began popping up on iOS devices on Wednesday, according to Ars Technica. Users are met with a prompt that states "Security Info Required."
After being shown the message, users are asked to select from a number of security questions and provide personal answers. Users are also prompted to provide a backup e-mail address in case the primary address associated with their Apple ID is compromised.
The changes are meant to curb fraud and phishing attempts that have been used for many years to hijack iTunes accounts. Because credit card information is tied to a user's account, nefarious people will steal and resell accounts, allowing people to buy content like music, movies and applications on someone else's dime.
This week's changes are only the latest in a series of measures by Apple over the years to improve security associated with iTunes accounts. Some of the steps taken include requiring users to verify their account information when they log into new devices, and upgrading passwords to make them more complex with varying characters.
Screens via The Next Web.
Some users have by the new security prompts appearing this week, and have expressed concern on the Apple Support Communities website that the alerts could be bogus phishing attempts. However, the revised measures have been proven to be legitimate, and Apple has admitted they are part of an ongoing effort to bolster security.
[ View article on AppleInsider ]
Comments
..... nefarious people will steal and resell accounts, allowing people to buy content like music, movies and applications on someone else's dime.
Oh, how I hate nefarious people!
Nice, this is much needed security.
Personally, I think they are a little overzealous lately. I get my Apple ID disabled at least once a year due to them being overly vigilant and it's a drag to have to re-set it.
Now I have to remember what I answered to a question I was asked possibly a year or more ago? (the next time they mistakenly disable my account).
Bleh.
I now enter random and different answers to these questions (not the correct answers), and store the answers in a safe, secure place.
It's nice that Apple lets you choose the questions. I hate banks and other sites that ask "what's your first pet's name", "what's your mother's maiden name", etc. Then when one of these sites is hacked, they have all the answers and can use them to change passwords on other sites.
I now enter random and different answers to these questions (not the correct answers), and store the answers in a safe, secure place.
Yeah. I hate that too. My favorite hated question is "what's your pet's name" and "what is your first grade teacher's name"... How the hell would I remember the name of my first grade teacher!
Its incredibly annoying having your account locked and force password change, this requires to me to make password changes ALL OVER the place, i.e.: iCloud login, iTunes login, Home sharing, on and on and on, on every device in my household and office.
Furthermore, I don't want capital letters in my password, as it slows down entry dramatically, and I DON'T want to enter my frigging password 10 times a day.
Apple, why can't I "take the risk" myself, opt to save passwords on my device, and NOT have to constantly re-enter them over and over and over again????
Good grief... I just got off the phone with an Apple rep after going through their updated security procedures and accidentally creating another log-in ID for iTunes... bleh! All of these goddamn login IDs are driving me off the deep end.
Personally I hate these security questions. I don't even like having to constantly enter my password to update a damn app. Make me enter it to buy more than $5 worth of stuff a day. Other that it's just annoying. Ditto on the "iTunes Terms and Conditions Have Changed" pop up. ANNOYING.
Yeah. I hate that too. My favorite hated question is "what's your pet's name" and "what is your first grade teacher's name"... How the hell would I remember the name of my first grade teacher!
Mrs. Alles. 30+ years ago.
I use random pass phrases keyed to the real question answers, and I would say that anyone that doesn't must have nothing to use. However, this limits me to accessing the information on one computer, since iOS doesn't sync keychains with a Mac.
That said... I have to type my iTunes password so often that it is my generic "insecure" one.
Here is wishing for a fingerprint scanner.
Yeah. I hate that too. My favorite hated question is "what's your pet's name" and "what is your first grade teacher's name"... How the hell would I remember the name of my first grade teacher!
Mine was Miss O'Conner. I'll be 74 this year. She's the only one I remember.
Apple, why can't I "take the risk" myself, opt to save passwords on my device, and NOT have to constantly re-enter them over and over and over again????
For the same reason you cannot be trusted to get your software anywhere except the App Store.
Personally, I think they are a little overzealous lately. I get my Apple ID disabled at least once a year due to them being overly vigilant and it's a drag to have to re-set it.
Now I have to remember what I answered to a question I was asked possibly a year or more ago? (the next time they mistakenly disable my account).
Bleh.
After dealing the the same problem on other websites ("What did I say was my favorite restaurant?" "Did I say my high school was in Yokelville (technically correct) or Hicksburg (the bigger town)?"), I've started just using the last word in the question as the answer:
Q: "What was your first child's name?"
A: "name"
Not very secure, I'll grant, but then (i) I have a strong password system that's not written down anywhere, and (ii) no more wondering what I said 2 or 3 years ago in answer to a stupid question.
Actually its been getting quite annoying with security precautions. I don't understand why I can't choose to override some of their requirements.
Its incredibly annoying having your account locked and force password change, this requires to me to make password changes ALL OVER the place, i.e.: iCloud login, iTunes login, Home sharing, on and on and on, on every device in my household and office.
Furthermore, I don't want capital letters in my password, as it slows down entry dramatically, and I DON'T want to enter my frigging password 10 times a day.
Apple, why can't I "take the risk" myself, opt to save passwords on my device, and NOT have to constantly re-enter them over and over and over again????
+1 +1 +1!!!
I hope to FSM that I never have an Apple ID log-in problem, because I still have a simple 8-character, all-numeric password. My S.O. had to do the alpha+number, at least one cap letter password a few months ago and it's such a ludicrous pain to enter - so much slower than straight numbers.
+1 +1 +1!!!
I hope to FSM that I never have an Apple ID log-in problem, because I still have a simple 8-character, all-numeric password. My S.O. had to do the alpha+number, at least one cap letter password a few months ago and it's such a ludicrous pain to enter - so much slower than straight numbers.
Heh, I got my iCloud account early enough that I don't have that restriction, either.
Of course, iCloud still has a password length cap; something I'll never understand?
Oh, and why can't passwords ever be non-arabic characters?
Maybe I know some other languages? Maybe, just maybe, I want to type my password in characters FROM these other languages because that makes my password absolutely unguessable and even harder to crack?
but this is a mess, lots of typing etc
my bank has by login split
user name
enter
new page with a self chosen image
underneath is my password
then if they sense a different computer THEN they ask for my security questions
so basically two pages, same username and password
This week I received 4 bogus delivery notifications from "Apple" informing me of shipments of MBP's, all to US addresses, not to me (I live in Thailand). Since we have a house full of Apple products, it's probably not difficult to collect the info that I have had dealings with Apple.
I'm sure that if I had tried to inform "Apple" that I had received these delivery notifications by mistake, there would have been a request for my Apple ID. In my opinion, finding out that someone had stolen my ID and had charged thousands of dollars of iTunes/Mac store purchases on my credit card is a lot more trouble than answering a security question.
One of the reasons that I have little apps on my Galaxy Tab is that there is no security to speak of in the android market store here, and they don't even require an ID to authorize a purchase.
I support anything that Apple does to improve security.
easy, secure, self directed (i chose the picture)
have you tried googles two stage system, they text you a code to input for log in
so you have to have your cellphone, i prefer the picture system, and if you are at a different computer then the questions
now lets make it even more cumbersome
i wouldn't mind a two stage log in but the one at my bank rocks
easy, secure, self directed (i chose the picture)
have you tried googles two stage system, they text you a code to input for log in
so you have to have your cellphone, i prefer the picture system, and if you are at a different computer then the questions
now lets make it even more cumbersome
Amex does not allow you to use capital letters in their passwords.
How up-to-date is that for a credit institution!