This is essential. The previous method was open to people guessing the password.
The security questions included the birth date. --Every body having a 40th. 50th. etc Birthday party gave away half the security away. Some people used a question that too many people could guess.
Mine was Miss O'Conner. I'll be 74 this year. She's the only one I remember.
Mrs. Gardner. 50 years ago.
I'm personally DISGUSTED with Apple of late. Ridiculous password requirements are just the half of it. Why, for example, do I have to log into the app store to download a FREE app? That's complete B.S. And WHY do you have to password a machine on a private network? This makes zero sense, and is about as far from user friendly as a company can get.
Apple is not a bank. It should stop behaving like one.
Why, for example, do I have to log into the app store to download a FREE app? That's complete B.S.
Not in the slightest. It makes perfect sense. It ties the apps to your account, allowing them to automatically download on all your other devices and to keep a record of the purchase if the app goes paid.
I've had that happen before. An app updated and went paid, but I got the free version before this happened. My version changed to the paid version (as opposed to the free trial they offered thereafter) and my account showed the paid version redownloadable for free.
Quote:
Apple is not a bank. It should stop behaving like one.
And when thousands of accounts get hacked due to a lack of security, they'll blame Apple instead of their lack of security. They're not going to loosen up.
I'm personally DISGUSTED with Apple of late. Ridiculous password requirements are just the half of it. Why, for example, do I have to log into the app store to download a FREE app? That's complete B.S. And WHY do you have to password a machine on a private network? This makes zero sense, and is about as far from user friendly as a company can get.
Apple is not a bank. It should stop behaving like one.
Although it's a free app, you still receive a receipt for it, which I assume must be reported to some government agency... as is everything these days.
Mine was Miss O'Conner. I'll be 74 this year. She's the only one I remember.
Where I lived we used to have a separate teacher for each subject (math, science.. etc). We used to get get with a stick on the hand if we missed a homework or did not pay attention. So this is an experience I don't regret forgetting.
The only thing that these new security measures will protect are Apple's corporate bottom line. While I hail the upgrade of Apple ID's password requirements as something that actually tightens iTunes already far from lax security, the idea of having three security questions to confirm consumers identity actually protecting consumers at best is ludicrous. At best the questions are lame, ranging from "In which city were you first kissed?" to "Who was your best childhood friend?". At worst they are an invasion of privacy. There is no option to either opt out of their security requirements; my password is secure and guessing it at a rate of 1000 times a second a brute force cracking method would take an average of 2.13 thousand centuries to discover (see https://www.grc.com/haystack.htm ) nor is there an option to create your own security questions that would have more meaning to me individually. They've got all this cloud storage space and claim to use "industry-standard encryption" why not at the very least give me the option of creating security questions that are meaningful to me.
I am seriously considering taking my five week old iPhone 4S back to Verizon and getting a Droid instead.
They've got all this cloud storage space and claim to use "industry-standard encryption" why not at the very least give me the option of creating security questions that are meaningful to me.
Agreed. I could have sworn there was already an Apple service that allowed that… Why they don't have it across the board is beyond me.
Quote:
I am seriously considering taking my five week old iPhone 4S back to Verizon and getting a Droid instead. Wievil
I recommend to those who do not like the security implementation in iTunes to send an email to Tim Cook, CEO Apple tcook@apple.com. I have provided a template email below to which you need simply add your "signature."
Greetings, I beseech you to add or change questions in iTunes security. While I applaud the additional scrutiny, the questions are too restrictive and quite honestly I can't remember the answers to most of the questions.
Here are examples of questions which Apple is asking:
What was the first care you owned?
Who was your first teacher?What was the first album you owned?
Where was your first job?
In which city were you first kissed?
Which of the cars you've owned has been your favorite?
Who was your favorite teacher?
What was the first concert you attended?
Where was your favorite job?
Who was your best childhood friend?
Which of the cars you've owned has been your least favorite?
Who was your least favorite teacher?
Where was your least favorite job?
In which city did your mother and father meet?
Where were you on January 1, 2000?
Many of these questions contradict or are contraindicated by security question best practices:
The answer to a good security question should be easy to remember but still not available to others. Ideally, the user should immediately know the answer without doing research or looking up a reference or remembering too far back in time.
Bad examples:
What is your driver's license number? (I haven't memorized mine, have you?)Car registration number (this may be easy for others to find on the web anyway)
But don't use questions that go back to childhood, or for that matter last year for someone like me.
Bad examples:
What was the name of your first pet?
What was your first car, favorite elementary school teacher, first kiss, etc.
Please add questions that the average person over 40 can actually remember, more imporantly see the website listed above for security question best practices:
In which city, county and state were you born?
What is your grandmother's maiden name?
Thank you very much for your time and consideration,
I've got five weeks time invested in iTunes, all the music and video I've downloaded are direct from CD or digital copies and all of the apps I've downloaded are free plus the iPhone 4S on Verizon runs only at 3G speeds while Verizon offers 4G speeds on their Droid phones. As a consumer the best way to express my displeasure at a given company and their practices is to take my wallet else where. They will never earn another penny from me.
Also, the iTunes site that lets you "manage" your security questions says that you can put in your own questions but doesn't actually allow you to.
I've got five weeks time invested in iTunes, all the music and video I've downloaded are direct from CD or digital copies and all of the apps I've downloaded are free plus the iPhone 4S on Verizon runs only at 3G speeds while Verizon offers 4G speeds on their Droid phones. As a consumer the best way to express my displeasure at a given company and their practices is to take my wallet else where. They will never earn another penny from me.
Thanks for joining a website about a company just to say you're never going to buy from that company again.
Is that an outright lie, being a drama queen, or just plain trolling? I can't tell.
Mine was Miss O'Conner. I'll be 74 this year. She's the only one I remember.
My mother is 85 and she used to be a teacher. Several years ago, one of her former students came to our table when I took her out to dinner. He knew her right away! I asked him how he could remember a teacher he had over 50 years ago? He said he still had the ruler marks on his hands.
Somehow I'm betting that if I could locate my mother's former students, I could hack their accounts pretty easily.
Comments
The security questions included the birth date. --Every body having a 40th. 50th. etc Birthday party gave away half the security away. Some people used a question that too many people could guess.
Belated Well Done Apple.
Mine was Miss O'Conner. I'll be 74 this year. She's the only one I remember.
Mrs. Gardner. 50 years ago.
I'm personally DISGUSTED with Apple of late. Ridiculous password requirements are just the half of it. Why, for example, do I have to log into the app store to download a FREE app? That's complete B.S. And WHY do you have to password a machine on a private network? This makes zero sense, and is about as far from user friendly as a company can get.
Apple is not a bank. It should stop behaving like one.
Why, for example, do I have to log into the app store to download a FREE app? That's complete B.S.
Not in the slightest. It makes perfect sense. It ties the apps to your account, allowing them to automatically download on all your other devices and to keep a record of the purchase if the app goes paid.
I've had that happen before. An app updated and went paid, but I got the free version before this happened. My version changed to the paid version (as opposed to the free trial they offered thereafter) and my account showed the paid version redownloadable for free.
Apple is not a bank. It should stop behaving like one.
And when thousands of accounts get hacked due to a lack of security, they'll blame Apple instead of their lack of security. They're not going to loosen up.
Mine was Miss O'Conner. I'll be 74 this year. She's the only one I remember.
I'm thirty years younger and can't remember what I did last week! Good on you, OMG (OldMacGuy).
Mrs. Gardner. 50 years ago.
I'm personally DISGUSTED with Apple of late. Ridiculous password requirements are just the half of it. Why, for example, do I have to log into the app store to download a FREE app? That's complete B.S. And WHY do you have to password a machine on a private network? This makes zero sense, and is about as far from user friendly as a company can get.
Apple is not a bank. It should stop behaving like one.
Although it's a free app, you still receive a receipt for it, which I assume must be reported to some government agency... as is everything these days.
Mine was Miss O'Conner. I'll be 74 this year. She's the only one I remember.
Where I lived we used to have a separate teacher for each subject (math, science.. etc). We used to get get with a stick on the hand if we missed a homework or did not pay attention. So this is an experience I don't regret forgetting.
The only thing that these new security measures will protect are Apple's corporate bottom line. While I hail the upgrade of Apple ID's password requirements as something that actually tightens iTunes already far from lax security, the idea of having three security questions to confirm consumers identity actually protecting consumers at best is ludicrous. At best the questions are lame, ranging from "In which city were you first kissed?" to "Who was your best childhood friend?". At worst they are an invasion of privacy. There is no option to either opt out of their security requirements; my password is secure and guessing it at a rate of 1000 times a second a brute force cracking method would take an average of 2.13 thousand centuries to discover (see https://www.grc.com/haystack.htm ) nor is there an option to create your own security questions that would have more meaning to me individually. They've got all this cloud storage space and claim to use "industry-standard encryption" why not at the very least give me the option of creating security questions that are meaningful to me.
I am seriously considering taking my five week old iPhone 4S back to Verizon and getting a Droid instead.
Wievil
Quote:
Originally Posted by Wievil
At worst they are an invasion of privacy.
So lie. That's even more secure.
Quote:
They've got all this cloud storage space and claim to use "industry-standard encryption" why not at the very least give me the option of creating security questions that are meaningful to me.
Agreed. I could have sworn there was already an Apple service that allowed that… Why they don't have it across the board is beyond me.
Quote:
I am seriously considering taking my five week old iPhone 4S back to Verizon and getting a Droid instead. Wievil
Sure you are.
I recommend to those who do not like the security implementation in iTunes to send an email to Tim Cook, CEO Apple tcook@apple.com. I have provided a template email below to which you need simply add your "signature."
Greetings, I beseech you to add or change questions in iTunes security. While I applaud the additional scrutiny, the questions are too restrictive and quite honestly I can't remember the answers to most of the questions.
Here are examples of questions which Apple is asking:
What was the first care you owned?
Who was your first teacher?What was the first album you owned?
Where was your first job?
In which city were you first kissed?
Which of the cars you've owned has been your favorite?
Who was your favorite teacher?
What was the first concert you attended?
Where was your favorite job?
Who was your best childhood friend?
Which of the cars you've owned has been your least favorite?
Who was your least favorite teacher?
Where was your least favorite job?
In which city did your mother and father meet?
Where were you on January 1, 2000?
Many of these questions contradict or are contraindicated by security question best practices:
The answer to a good security question should be easy to remember but still not available to others. Ideally, the user should immediately know the answer without doing research or looking up a reference or remembering too far back in time.
Bad examples:
What is your driver's license number? (I haven't memorized mine, have you?)Car registration number (this may be easy for others to find on the web anyway)
But don't use questions that go back to childhood, or for that matter last year for someone like me.
Bad examples:
What was the name of your first pet?
What was your first car, favorite elementary school teacher, first kiss, etc.
http://www.goodsecurityquestions.com/designing.htm
Please add questions that the average person over 40 can actually remember, more imporantly see the website listed above for security question best practices:
In which city, county and state were you born?
What is your grandmother's maiden name?
Thank you very much for your time and consideration,
[Your name here]
I've got five weeks time invested in iTunes, all the music and video I've downloaded are direct from CD or digital copies and all of the apps I've downloaded are free plus the iPhone 4S on Verizon runs only at 3G speeds while Verizon offers 4G speeds on their Droid phones. As a consumer the best way to express my displeasure at a given company and their practices is to take my wallet else where. They will never earn another penny from me.
Also, the iTunes site that lets you "manage" your security questions says that you can put in your own questions but doesn't actually allow you to.
Wievil
Quote:
Originally Posted by Wievil
I've got five weeks time invested in iTunes, all the music and video I've downloaded are direct from CD or digital copies and all of the apps I've downloaded are free plus the iPhone 4S on Verizon runs only at 3G speeds while Verizon offers 4G speeds on their Droid phones. As a consumer the best way to express my displeasure at a given company and their practices is to take my wallet else where. They will never earn another penny from me.
Thanks for joining a website about a company just to say you're never going to buy from that company again.
Is that an outright lie, being a drama queen, or just plain trolling? I can't tell.
Though maybe a little late, but nice improvement~
Quote:
Originally Posted by OldMacGuy
Mine was Miss O'Conner. I'll be 74 this year. She's the only one I remember.
My mother is 85 and she used to be a teacher. Several years ago, one of her former students came to our table when I took her out to dinner. He knew her right away! I asked him how he could remember a teacher he had over 50 years ago? He said he still had the ruler marks on his hands.
Somehow I'm betting that if I could locate my mother's former students, I could hack their accounts pretty easily.
oh yes! this is great! i like this improvement!