Apple ID password rant
inopinatus
The theatrical demand from OSX and iOS for constantly re-entering the Apple ID password is a substantial enemy of security. I just upgraded two laptops, a server, an iPhone, and restored an iPad. I think I had to enter the same passwords six times per device. In general use they’re no better, regularly nagging for a password for piddling tasks like updating an app or downloading a song.
For me with separation-of-concern accounts and 20+ character generated passwords this is a major annoyance, especially on a tablet keyboard. It’s also a joke when everything else I have of substance is using one-time passwords, two-factor tokens, key-based authentication &c.
But that’s not the elephant in the room.
The global issue is this: for most folks, the repeated nagging means they’re motivated to choose an easy-to-type, easily-remembered, perhaps easily written down password. In other words, easily guessed/cracked.
Hence Apple’s legacy of easily stolen accounts, and it’s entirely their own fault.