this post was submitted on 12 Dec 2023
72 points (98.6% liked)
Apple
17450 readers
206 users here now
Welcome
to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!
Rules:
- No NSFW Content
- No Hate Speech or Personal Attacks
- No Ads / Spamming
Self promotion is only allowed in the pinned monthly thread
Communities of Interest:
Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple
Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode
Community banner courtesy of u/Antsomnia.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The fact you could do those actions without a repromt is fucking hilarious in the first place.
You misread the summary of the article.
It ALREADY requires a reprompt of you to enter your phone's passcode.
If someone has stolen your phone AND your passcode this feature helps prevent them from just entering in your passcode to gain further access.
With this they'd need to have your passcode and your face or finger.
The phone passcode, though, not your account password, which I still find an odd choice. All you need(ed) was the pin to unlock the phone to completely take over the entire account, including all your passwords and with it probably bank accounts, pictures, disabling find my, etc.
This is a security vs. usability tradeoff, and while many people here would take security over usability any day of the week (which is what this feature finally provides as an option), Apple caters to much wider audiences. People tend to forget their account passwords, and having the option to reset their Apple ID account password with two other factors ("something you own" being the device, "something you know" being the device's passcode) comes in very handy. I know people who neither remember their passwords nor want to use a password manager. So having a simple way around that by default that's at least somewhat secure and now having an option to increase security seems like a good solution. Even though I would've liked to have an option to completely disable messing with my Apple ID using any form of device authentication.
I get the trade of and it’s probably been the correct choice as I can’t imagine that specific theft affected a large portion of users. Still an odd place if you find yourself without your phone and soon after locked out of your digital life including you bank account and much more.
It’s great Apple is taking steps to improve the situation there.