Apple App store "Security Info Required"?

[SNC]

Is anyone else getting this while installing a new app?

This is like 3 grade security. For the majority of people, this will reduce the guess work when trying to get into someones account. So not if you dont knwo the password, you can jump on facebook or my space and get all the answers you need to reset the password. Now I know most of teh people here do not tell there lives story on social network sites, but for the mass' that do.......

 

[ChAoTiCpInOy]

It's an extra level of security. They provide questions but you can always put a different answer. It's only celebrities (mostly) that need to answer these questions without information easily found on the internet.

 

[SNC]

It's an extra level of security. They provide questions but you can always put a different answer. It's only celebrities (mostly) that need to answer these questions without information easily found on the internet.

The purpose of having these questions is to allow you to retrieve your password if you lose it. How does providing fake info help? I asked over at the apple board and was treated as if I was an idiot that never heard of saving the info in a text file or paper and pen. When did plastering your monitor with post-it notes become an acceptable method of security? And as to answering with false info, what happens when you lose that text file or the post-it notes and need to recover you password, who’s going to get the blame?
Would it be harder to figure out: a password like h5ys@u7@00mh^3DFf, or finding out my favorite author, newest car, and high school I attended? I am sure that there are several places that my favorite author could be found out from, I posted on this forum that car I just bought and LinkedIn has my high school listed. And if we are talking about an X-whatever that becomes so much easier. I guess I am in the minority, but I do not see this as a way to secure the account.

 

[vbuggy]

I was thinking the same thing. Not a big deal for the majority of my iPads right now since the Sonos and Control4 remotes work perfectly well, but I would be looking to be able to generate my own Q&A before I answer any of that crap.

 

[vbuggy]

BTW I'm sure others have spotted it but wasn't nagged for it when I downloaded updates thru iTunes.

EDIT: Donner und blitzen, I spoke too soon. Nags you in iTunes as well

 

[SNC]

BTW I'm sure others have spotted it but wasn't nagged for it when I downloaded updates thru iTunes.

EDIT: Donner und blitzen, I spoke too soon. Nags you in iTunes as well

My son just asked about a song. When he tried through iTunes he was prompted.
I really dont want to put together a whole new system here, I have well over 1k in just streaming devices from Apple.

I guess I coule just answer with fake answers and hope that I never need to answer them. With my luck I will and end up loosing everything anyway. So do I do it on my terms, or wait until I am forced?

 

[vbuggy]

Or better still, take a note of the fake answers and put it somewhere safe. If Apple does it, a whole host of other services will probably pile in the same way. You can have stock (& improbable) fake answers lined up in that case.

 

[amdhunter]

Answers are easily guessed by any of my friends. I had to get clever, and I'll probably forget it by the time I need it.

 

[gmaster456]

I had to do this the other day. No big deal.

 

[Larries]

Actually this is not something new. Many websites already implemented this kind of security questions. I haven't seen this on App Store yet and don't know how it works for Apple's case. But usually, the system works this way:

1. You forgot your password and ask to reset your password
2. The site ask you to answer a security question that you entered some time ago
3. If answered correctly, the site will email a link to the email account you registered to reset the password
4. You then need to click the link through the email to reset the password

When implemented properly, a person needs to know your security question and answer, and have access to the email you registered with to get your password reset.

As how secure it is... guess thats for the security experts

Edit: btw I did need to answer the security question of a website I forgot password once, and the question was setup 3 years ago.... luckily, I put in the right answer....

 

[VirtualLarry]

I agree, these ideas are crap for security. It's like providing extra passwords, that are easier to guess than ordinary passwords. What a dumb idea.

SWTOR (the MMO) does this too. Idiots.

Interestingly, in SWTOR, I wasn't able to log in with my first few (long) password choices. It wasn't until I chose a ridiculously short password, that they would even let me use it to log on!

 

[Pheran]

I just got hit by this garbage as well. Worse, the security questions Apple gives you to choose from SUCK - a bunch of crap that you're not going to remember (first concert?). Blech. I hate idiocy in the name of security.

 

[SNC]

This is what I received after 3 attempts to find out what is going on:

This is Jonathan here again from the iTunes Store Support. I have consulted your case from my senior advisor and here is what he sent to me.

From time to time, Apple enhances the security of our valued customer's iTunes Store accounts. I apologize for any frustration this has caused, and I assure you that the recent changes are not meant as an inconvenience, but rather to help safeguard your account details and activity. Apple is pleased to provide this feature and hopes that keeping your safety in mind, will help you to better enjoy the iTunes and App Store.

With this new system in place, when a purchase is attempted from a new device or computer, the store selects, at random, two of the three challenge questions for your Apple ID to verify that you are the account owner. If the questions are answered incorrectly ten times, your account becomes temporarily locked. When your account is locked, you cannot make purchases using any device that has not previously used the Apple ID. It also prevents you from changing your challenge questions. However, you are still able to make purchases using a trusted device.

I would also let you know that there is no way around it and you are required to have it set.

 

[vbuggy]

Well duh. Did you think you'll get a different answer from Apple?

 

[SNC]

I replied to that email with a nasty-gram and filled out the feedback form that was linked from the e-mail. To my surprise I am not asked for the additional questions. Not user how long it will last....

 

[SNC]

Well duh. Did you think you'll get a different answer from Apple?

Actually I did.