Apple blows chunks

R

Racerx

En-Route
Joined
May 15, 2020
Messages
3,935
Display Name
Display name:
Ernie
Forgot apple id password. Its a rarity I download something on the ipad so of course I forgot the password. Enter phone number to reset, enter the code sent. Then enter my email, enter that code sent..... "We are evaluating your information to determine when you will be able to reset your password. By this time tomorrow we'll contact you via email to let you know your wait time"

Current wait time is 13 effing days!
 
like we often say about DoD IT cYbErSeCurITY: "It's so secure, NOBODY can get in!" :D Currently we sit here, unable to review debrief HUD tapes because the peripherals (DTC USB readers) are blacklisted by the nonners on the non-flying side of base. Winning. Heck, one of my subordinates spent 25 minutes trying to get them to open up the port to the printer. A printer... So we hear ya.
 
hindsight2020 said:
like we often say about DoD IT cYbErSeCurITY: "It's so secure, NOBODY can get in!" :D Currently we sit here, unable to review debrief HUD tapes because the peripherals (DTC USB readers) are blacklisted by the nonners on the non-flying side of base. Winning. Heck, one of my subordinates spent 25 minutes trying to get them to open up the port to the printer. A printer... So we hear ya.
Click to expand...

Man if that ain't the truth...
 
Well, I know of Apple Martin, pictured. The question is: who's Chunks?
Screenshot_20240507-141442.png
 
I have 200 something passwords in my password manager. Every one is different, and are what LL Bean's website adjudicated as being "wicked strong".

I printed the login information on a sheet of paper and locked it in my safe. That way, if I suddenly kick the bucket my wife can access everything.
 
Keys, combos, passwords have restrained man’s productivity incredibly, since the beginning. Should be measured, studied…. fixed.
 
Let'sgoflying! said:
Keys, combos, passwords have restrained man’s productivity incredibly, since the beginning. Should be measured, studied…. fixed.
Click to expand...

All PCs need to be equipped with blood-letting and DNA examination equipment. One quick prick and you're signed in. And bleeding everywhere. :biggrin: :crazy: :biggrin:
 
Racerx said:
Forgot apple id password. Its a rarity I download something on the ipad so of course I forgot the password. Enter phone number to reset, enter the code sent. Then enter my email, enter that code sent..... "We are evaluating your information to determine when you will be able to reset your password. By this time tomorrow we'll contact you via email to let you know your wait time"

Current wait time is 13 effing days!
Click to expand...

Had a new company iPhone (6s, I think?) waiting for me on my desk on the first day of a new job several years ago (2016ish I think). It was my first (and only) iPhone. It was 'meh' at best. I left the job (and phone) after about 6 months and that was the extent of my foray into the Apple ecosystem. Fast forward to last fall and my dad gives my 12 y/o son his old iPhone to use for video recording for his YT channel and whatnot. I try to register it and somehow ALL of my personal information is still tied to that old Apple account from before. I can't find a way to trick the system into giving me a new Apple User Id. I also can't just reset my password because I don't actually have a working Apple device that is registered to my Apple User Id. I end up stumbling into a way to reset the account midstream of trying to register the phone to my (inaccessible) account, but similar to you - I had to wait nearly a month for them to eventually send me an email link with "Click here to reset your password". Annnnndd.. My son used the phone for about 2 weeks before he decided to move on to different video 'style' for his channel. SMH
 
As bad as Apple is, MS is worse. I've forgotten my Microsoft account P/W a few times. I never us it because it sux, but sometimes you're forced to and have to start over with a new account.
 
2-Bit Speed said:
All PCs need to be equipped with blood-letting and DNA examination equipment. One quick prick and you're signed in. And bleeding everywhere. :biggrin: :crazy: :biggrin:
Click to expand...
I'd take bleeding everywhere if it meant doing what I want to do.
 
hindsight2020 said:
like we often say about DoD IT cYbErSeCurITY: "It's so secure, NOBODY can get in!" :D Currently we sit here, unable to review debrief HUD tapes because the peripherals (DTC USB readers) are blacklisted by the nonners on the non-flying side of base. Winning. Heck, one of my subordinates spent 25 minutes trying to get them to open up the port to the printer. A printer... So we hear ya.
Click to expand...

IT/Security's job is to keep the bad guy out. If no one can get in, they they have accomplished their mission.
 
Van Johnston said:
IT/Security's job is to keep the bad guy out. If no one can get in, they they have accomplished their mission.
Click to expand...

That way they also prevent the insider threat
 
Bob Noel said:
That way they also prevent the insider threat
Click to expand...

Well, I was being sarcastic, but of course you are correct.

Then again (in my Matthew McConoughey voice), if the insider is kept out, is he still inside?
 
Racerx said:
Forgot apple id password. Its a rarity I download something on the ipad so of course I forgot the password. Enter phone number to reset, enter the code sent. Then enter my email, enter that code sent..... "We are evaluating your information to determine when you will be able to reset your password. By this time tomorrow we'll contact you via email to let you know your wait time"

Current wait time is 13 effing days!
Click to expand...
That's really strange. Took 10 minutes last week when I had problems.
 
murphey said:
That's really strange. Took 10 minutes last week when I had problems.
Click to expand...
Apparently im not alone. Being such a sporadic iproduct user I forgot the password. But I did have my email and phone set as they sent a code to each. Still not enough information apparently.

Why should it take weeks to get into my apple id to download a new app? Yet I can reset my password to get into my bank account in 30 seconds?

How is this acceptable to wait 2 weeks to… - Apple Community

discussions.apple.com discussions.apple.com

IMG_20240507_120534730~3.jpgIMG_20240507_120321665.jpg
 
This is done intentionally to prevent account theft, which is rampant. A lot of sensitive information can be in iCloud accounts. Use a password manager and be more responsible with your passwords next time. You can setup an account recovery contact for the future.

Set up an account recovery contact

An account recovery contact can help make sure that you always have access to your account, even if you forgot your Apple ID password or device passcode. Learn how to set up a recovery contact on your iPhone, iPad, or Mac.
support.apple.com support.apple.com

You should be more upset that it’s so trivial to reset your bank password…
 
2
Racerx said:
Forgot apple id password. Its a rarity I download something on the ipad so of course I forgot the password. Enter phone number to reset, enter the code sent. Then enter my email, enter that code sent..... "We are evaluating your information to determine when you will be able to reset your password. By this time tomorrow we'll contact you via email to let you know your wait time"

Current wait time is 13 effing days!
Click to expand...
Interesting. You lock yourself out of the house and blame the lock maker Schlage.
 
Clip4 said:
2

Interesting. You lock yourself out of the house and blame the lock maker Schlage.
Click to expand...
I'm getting in my house in less than 2 weeks.

I also don't lock my house. Take whatever you want except the dog. She'll be in her cage otherwise she'll open the doors to go find me.
 
Are we in for another argument on macroeconomics? 'Cause the last one started from failings of customer support, and this seems kinda cx-supporty...
 
2-Bit Speed said:
Are we in for another argument on macroeconomics? 'Cause the last one started from failings of customer support, and this seems kinda cx-supporty...
Click to expand...
Nah. Apple was kind enough to tell me not to bother.
 
Clip4 said:
Interesting. You lock yourself out of the house and blame the lock maker Schlage.
Click to expand...
Oh , don’t start with Schlage, that would be an unfortunate move.
Perfect example of security that is so secure the user can’t get in!
And ‘hardware’ that fails regularly.
 
Let'sgoflying! said:
Oh , don’t start with Schlage, that would be an unfortunate move.
Perfect example of security that is so secure the user can’t get in!
And ‘hardware’ that fails regularly.
Click to expand...
The lock picking Lawyer can get past a schlage.
There needs to be a cyber hacking lawyer.

 
I manage all IT related things for a small private school... my predecessor had a little over 100 ipads set up with one appleID for each class so 10-30 devices on an ID. Different teachers and other staff input their phone numbers as owning the ID at different times and of course apple censors it so we never knew who's phone number was gonna get the freakin 2-factor authetnication code. Some didn't even work there anymore which was just great. I still have a small pile of them I can't get unlocked... try enough times and they'll schedule a time like a WEEK into the future when they'll send the code to the mystery person's phone. It's ridiculous.

Eventually, after a whole freain' summer of back and forth with Apple I was able to get most of the devices switched over to a managed system that doesn't use appleIDs but obviously that also was an ordeal. It's a vast improvement but on request I'm happy to rant about that flustercluck too.

Of course, I think the rest of the industry is trying to copy apple as usual. Microsoft now wants you to have a microsoft account for windows and force you to use an online login for your local computer. Note: if you are setting up windows or a new PC and want a local account the only way I've found to do it is do not connect it to the internet until you've completed setup. That's the only way the setup wizard will even give you the option of creaing a local user account but it can be done.

I'm nearly to another of my F everything I'm just running a linux desktop from now on phases.
 
So your predecessor screwed up and didn’t implement MDM from the get go and allowed the teachers to use their personal Apple IDs on hardware. From the hardware’s perspective, you trying to wipe it and get in is no different than a thief trying to wipe stolen property and get in to resell it or break in and get sensitive info.

Apple MDM isn’t great by any means, but again this seems like a complaint about the user (your predecessor in this case) not being responsible and running afoul of strong anti-theft and privacy measures. Apple doesn’t put those anti-theft and privacy protections in for no reason. How many stories of leaked nudes, texts, and other sensitive information have you heard? Where do you think it comes from?

All security design is a balance between convenience and protection. Apple could easily make it so they hold the keys to everything all the time and require absolutely no verification to reset passwords or wipe hardware. That would be super convenient for when the legitimate user has an issue, but thieves, black hats, and state sponsored actors would have a field day. This is the place on the security-convenience spectrum that Apple has settled on. It uses strong privacy protections as part of its image and brand. With that necessarily comes some compromises on convenience. If you don’t like it, you’re free to use an alternative.
 
Last edited:
AKiss20 said:
So your predecessor screwed up and didn’t implement MDM from the get go and allowed the teachers to use their personal Apple IDs on hardware. From the hardware’s perspective, you trying to wipe it and get in is no different than a thief trying to wipe stolen property and get in to resell it or break in and get sensitive info.

Apple MDM isn’t great by any means, but again this seems like a complaint about the user (your predecessor in this case) not being responsible and running afoul of strong anti-theft and privacy measures. Apple doesn’t put those anti-theft and privacy protections in for no reason. How many stories of leaked nudes, texts, and other sensitive information have you heard? Where do you think it comes from?

All security design is a balance between convenience and protection. Apple could easily make it so they hold the keys to everything all the time and require absolutely no verification to reset passwords or wipe hardware. That would be super convenient for when the legitimate user has an issue, but thieves, black hats, and state sponsored actors would have a field day. This is the place on the security-convenience spectrum that Apple has settled on. It uses strong privacy protections as part of its image and brand. With that necessarily comes some compromises on convenience. If you don’t like it, you’re free to use an alternative.
Click to expand...


All fine and dandy….but…it does not excuse the outrageous time delay required for a legitimate user to reset a lost password. Do you really believe that several weeks is the best that can be expected?
 
I keep EVERYTHING unlocked. My phone stays unlocked, and when I need an apple password, I screen shot it and it sits in my photos on my unlocked phone. I literally write my codes and passwords down on paper, then stick them to my computer, my bank card, etc. I'm a scammers dream...yet...I've never been scammed.
 
Country Flier said:
I keep EVERYTHING unlocked. My phone stays unlocked, and when I need an apple password, I screen shot it and it sits in my photos on my unlocked phone. I literally write my codes and passwords down on paper, then stick them to my computer, my bank card, etc. I'm a scammers dream...yet...I've never been scammed.
Click to expand...

It seems to me that there is very little overlap between those interested (and capable) in accessing your various accounts and those willing to break into your home...
 
robin ardoin said:
All fine and dandy….but…it does not excuse the outrageous time delay required for a legitimate user to reset a lost password. Do you really believe that several weeks is the best that can be expected?
Click to expand...
This is my gripe. I was lazy when I set it up. That's on me. But the 2 weeks to recover is absurd.
 
SixPapaCharlie said:
I have nothing to offer but when I see an "Apple Sucks" thread, I stop by to pile on.
They are the worst manufacturer of software that currently enslaves us to their ****ty proprietary BS.
Click to expand...
At the same time, it's why all their SW works across all their platforms. I did a lot of work on various versions of Linux and Windows over the years for one of those three lettered agencies (not the TVA) :p and there's a reason I've been an Apple fan-boy since 1987. I just don't have to screw with it. My stuff works across the computer, pads and phone and rarely has there been a problem. On the hardware side I've had one hardware failure ever.

That being said, 13 days is absurd. I'd find your nearest Apple store and take it in and say fix it.
 
Country Flier said:
I keep EVERYTHING unlocked. My phone stays unlocked, and when I need an apple password, I screen shot it and it sits in my photos on my unlocked phone. I literally write my codes and passwords down on paper, then stick them to my computer, my bank card, etc. I'm a scammers dream...yet...I've never been scammed.
Click to expand...
That you know about

The perfect crime is the one not discovered
 
cowman said:
Microsoft now wants you to have a microsoft account for windows and force you to use an online login for your local computer. Note: if you are setting up windows or a new PC and want a local account the only way I've found to do it is do not connect it to the internet until you've completed setup. That's the only way the setup wizard will even give you the option of creaing a local user account but it can be done.
Click to expand...
That used to be a pain in the @ss, might still be on older versions. Seems they've made accommodations or folks have figured ways around it.
Win10: https://helpdeskgeek.com/windows-10/how-to-setup-windows-10-without-a-microsoft-account/
Win11: https://www.windowscentral.com/how-set-windows-11-without-microsoft-account
 
FormerHangie said:
I have 200 something passwords in my password manager. Every one is different, and are what LL Bean's website adjudicated as being "wicked strong".

I printed the login information on a sheet of paper and locked it in my safe. That way, if I suddenly kick the bucket my wife can access everything.
Click to expand...
I did the same thing, told my wife where the list of password would be if needed.

Then I sent the list of sites to my kids, told them to help mom. The kids understood immediately, but said "Dad, where are the passwords"... That will be a family bonding event for days! :D
 
Racerx said:
Tried. No joy.
Click to expand...
Not to pile on, but it's simple. You transfer your number to an Android. If you lock the password on the Android you just factory reset it and create a new account.

MFA on a phone is silly, IMO, and I work in infosec. One old definition of MFA is to combine something you have, and something you know. The first one is the phone, the second is the password. Trying to add a second factor to a phone by way of text - which is on the phone, or email - which can easily be on the phone, is just silly.

That said, passwords suck as a security device. They always have. But they're cheap, so everyone uses them. And business people like to make everything available to everyone, everywhere, trying to add security at the end, so we end up with bad apps and vulnerabilities. Add to that, that the big software players want to sell services and rental of software, so it's in their best interest to keep you on the hook with these accounts in the cloud. Sold as a feature and service, but it's really just to lock you in as a customer, collect and sell information about you, and help steer their business partners to you. It's a perfect mix of greed, laziness, and stupidity that the consumers and customers pay for. The infosec people are just carrying the message...at least the good ones are.

Bottom line? These companies are trying to rent you your own identity, and we're collectively falling for it.
 
First off, I’ve been a happy Apple user since 1985 and my first 128k Macintosh. Deep in the ecosystem - computer, iPhones, iPads, Apple Watches, Apple TV’s, Apple Music, Airtags, CarPlay and probably more. All pretty seamlessly linked. Like I said, happy campers.

Wednesday I fell victim to a clever phishing attack. I’ll detail that in its own thread. But relevant to this thread…

1) Passwords SUCK! Karen and I spent all yesterday morning changing the passwords to all the important sites we could think of. Also added 2-factor-authentication when available.

2) Two different techs said, in effect, “It’s a good thing you were on a Mac”. They said in the short time the cretins had access to my computer, if it had been a Windows machine they could have done major damage in short order, but Mac’s are harder to get into, and my Terminal log looks like they didn’t have time to do much. Not tech savvy enough to know how true that is, but it seems like a common impression.
 
Apple makes you wait when they aren't confident in your identity. This is true when logging into your Apple account (or iCloud), or if Stolen Device Protection is activated on your iPhone. I am guessing that neither two-factor authentication nor security questions were set up for the OP’s account (or questions were not answered correctly), and that is the reason for the delay.

Apple iPhones and iPads don’t require multi-factor authentication locally on the phone unless Stolen Device Protection is enabled, or the device is Activation Locked. You may think this is “dumb,” but it materially protects the devices against theft by essentially rendering them useless to a thief, and Stolen Device Protection also protects your Apple account if your device is stolen. You have the option of not using an AppleID on the phone, and therefore not enabling Activation Lock, but that will also preclude you from downloading apps from the App Store. Of course, if it was easy to reset a lost password without much additional verification, the Activation Lock feature would be useless.

I also have a Windows 11 system and a paid Microsoft365 account. The security provided by Apple’s ecosystem is notably better in a number of ways. For example, I can create and remove app-specific passwords without deleting all of them, I can choose to have end-to-end encryption for almost everything in iCloud, and my devices (including Macs) can be activation locked to deter theft.

I recommend using a system-agnostic password manager like 1Password, Dashlane, Bitwarden, etc. If you want your passwords to be hacked repeatedly, LastPass is a good option. All of them can sync across multiple devices, are cross-platform, and integrate with major web browsers.

The bottom line is you can have more security and less convenience, or more convenience and less security. With reputations on the line, there is an incentive for companies to increasingly lean toward a higher level of security.
 
Last edited:
You must log in or register to reply here.
Back
Top