Home Tech Honangate: This is what Apple should do

Honangate: This is what Apple should do


Excellent suggestions from Marco Arment as usual:

At the bare minimum, for this level of recovery that bypasses security questions, they should require confirmation of the entire credit-card number and verification code, no matter what they need to do to remain PCI-compliant and pull that off.

And ideally, before resetting a password by phone, they’d send a forced “Find My”-style push alert to all registered devices on the account saying something like, “Apple Customer Service has received a request to reset your iCloud password. Please call 1-800-WHATEVER within 24 hours if this is unauthorized.”

Then make the person call back the next day. If you forget your password and the answers to your security questions, it’s not unreasonable to expect a bit of inconvenience.

Is there anyone out there, except maybe Apple, Inc, who disagrees?



Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.