Companies like Apple say the password has to have a capital lowercase number and 8+ characters. But leave out that your password can’t be something you have used in the last year, can’t contain your name, birthday, or email address. Those errors will come up separately. In this case it would say you can’t reuse your password. It doesn’t say your last password because it wasnt your last password. Some people just don’t use the password daily/weekly, so they forget 6 times a year and have to keep resetting it.
Also the number of people forget their passcode because they use face/touch id all all the time is higher than you’d expect apparently. I knew someone who used to complain about it when they did support for them. Essentially people plug their device in every night, use it daily and never turn it off so it always accepts face or touch. Then they leave automatic updates on … and it restarts for an update and they can’t get back into their device because face/touch doesn’t work on first boot, it is a subsidiary of the passcode and cannot be set up without the passcode.
Then since they forgot their passcode, they have to wipe everything from the phone to bypass it… But of course they don’t know their password so they can’t sign back into their account and it is then activation locked because that’s how they prevent people from using stolen devices.
Then the extreme cases dude was telling me at that point is they changed their phone number at some point, so they can’t reset their password without it, it takes days if not a week to recover the account, all the while their phone is a brick
my favorite is my login for my phone needing me to authenticate i with… the authenticator… on my phone…. which to log into the authenticator…. requires me to verify using the authenticatior…
you call the IT department and i get an AI telling me that all password retrievals are done through the web portal, so it sends the password reset… to my email, accessed by my phone, that needs me to authenticate using the authenticatior…
the real answer it to lie to the AI to talk to a person and ambush them with a password reset and don’t take no for an answer.
i am currently 1 month behind on my required training modules about the importance of network security.
If your talking about a company like Apple, they can’t reset your password no matter what, they have no access. It is only controlled by the user unless it is an account recovery which takes days. (Which if a user creates an account recovery key, it takes it completely out of their hands). It’s a 28? Digit code that makes it so the password/account can never be recovered without that code and access to the phone number on the account unless there is still a device logged into that account you can change it from. You could have spent $8000 on the account for subscriptions/music/whatever, you won’t be able to access it ever again. All purchases lost
from what people told me who’s had this happen, even with a lost account recovery key it is possible to recover the account, it’s just apple doesn’t advertise it.
Basically it’s the same account recovery process but they nuke the accounts cloud(which is likely a deal breaker) prior to handing the account over. The issue is you can’t start that from a self service portal, it has to be originated from apple support and getting them to actually do it can be a pain because they don’t like to for obvious reasons.
also i believe Not having a method of account recovery that allows you to retain goods that was exchanged for monetary value would be concidered fraud so I would expect they are forced to have some way of retaining purchases as long as you can clearly identify yourself as the buyer
It’s factual you will lose it. It even says you will have a permanent loss of access to the account if you don’t have the information supplied to you to recover it. Basically you signed a contract that you won’t lose it and you control it, then you fucked up. Not their problem is what they see it as.
What I’m saying is I have heard cases where people have reached out to Apple’s support and after a few weeks of fighting it(and a few attempts) they got a hold of someone who nuked the accounts cloud and then gave the account back.
Being said for the legal side of it, what they write down isn’t law. They still have to follow the local jurisdiction.
there’s actually an almost identical case to this already going through the US federal system. Awaiting discovery. It’s the Matthews vs. Apple case. In this case, a pickpocketer stole the phone, changed the already existing recovery key(which is a known tactic for thieves who are stealing Apple accounts), and then proceeded to lock them out of the account.
While they have yet to give judgement on this case, Apple has attempted and failed to get it dismissed twice now, in the two years that the case has been active, each time the court stating that the plaintiff has a valid case to be heard and that apples argument that they lacked intent to do it wasn’t valid.
granted, it could still rule in apple’s favor, but being as they have repeatedly refused to dismiss most of the plaintiff’s claims and are allowing it to go into the discovery phase, it doesn’t look good for apple.
God’s, I’d hate to deal with losing my phone number. I have most everything crosslinked where my number isn’t the only option, but some I’m sure would still give me a big fat FU to deal with. I have all my passwords to everything correctly saved in my PW manager, at least
Companies like Apple say the password has to have a capital lowercase number and 8+ characters. But leave out that your password can’t be something you have used in the last year, can’t contain your name, birthday, or email address. Those errors will come up separately. In this case it would say you can’t reuse your password. It doesn’t say your last password because it wasnt your last password. Some people just don’t use the password daily/weekly, so they forget 6 times a year and have to keep resetting it.
Also the number of people forget their passcode because they use face/touch id all all the time is higher than you’d expect apparently. I knew someone who used to complain about it when they did support for them. Essentially people plug their device in every night, use it daily and never turn it off so it always accepts face or touch. Then they leave automatic updates on … and it restarts for an update and they can’t get back into their device because face/touch doesn’t work on first boot, it is a subsidiary of the passcode and cannot be set up without the passcode.
Then since they forgot their passcode, they have to wipe everything from the phone to bypass it… But of course they don’t know their password so they can’t sign back into their account and it is then activation locked because that’s how they prevent people from using stolen devices.
Then the extreme cases dude was telling me at that point is they changed their phone number at some point, so they can’t reset their password without it, it takes days if not a week to recover the account, all the while their phone is a brick
my favorite is my login for my phone needing me to authenticate i with… the authenticator… on my phone…. which to log into the authenticator…. requires me to verify using the authenticatior…
you call the IT department and i get an AI telling me that all password retrievals are done through the web portal, so it sends the password reset… to my email, accessed by my phone, that needs me to authenticate using the authenticatior…
the real answer it to lie to the AI to talk to a person and ambush them with a password reset and don’t take no for an answer.
i am currently 1 month behind on my required training modules about the importance of network security.
If your talking about a company like Apple, they can’t reset your password no matter what, they have no access. It is only controlled by the user unless it is an account recovery which takes days. (Which if a user creates an account recovery key, it takes it completely out of their hands). It’s a 28? Digit code that makes it so the password/account can never be recovered without that code and access to the phone number on the account unless there is still a device logged into that account you can change it from. You could have spent $8000 on the account for subscriptions/music/whatever, you won’t be able to access it ever again. All purchases lost
from what people told me who’s had this happen, even with a lost account recovery key it is possible to recover the account, it’s just apple doesn’t advertise it.
Basically it’s the same account recovery process but they nuke the accounts cloud(which is likely a deal breaker) prior to handing the account over. The issue is you can’t start that from a self service portal, it has to be originated from apple support and getting them to actually do it can be a pain because they don’t like to for obvious reasons.
also i believe Not having a method of account recovery that allows you to retain goods that was exchanged for monetary value would be concidered fraud so I would expect they are forced to have some way of retaining purchases as long as you can clearly identify yourself as the buyer
It’s factual you will lose it. It even says you will have a permanent loss of access to the account if you don’t have the information supplied to you to recover it. Basically you signed a contract that you won’t lose it and you control it, then you fucked up. Not their problem is what they see it as.
What I’m saying is I have heard cases where people have reached out to Apple’s support and after a few weeks of fighting it(and a few attempts) they got a hold of someone who nuked the accounts cloud and then gave the account back.
Being said for the legal side of it, what they write down isn’t law. They still have to follow the local jurisdiction.
there’s actually an almost identical case to this already going through the US federal system. Awaiting discovery. It’s the Matthews vs. Apple case. In this case, a pickpocketer stole the phone, changed the already existing recovery key(which is a known tactic for thieves who are stealing Apple accounts), and then proceeded to lock them out of the account.
While they have yet to give judgement on this case, Apple has attempted and failed to get it dismissed twice now, in the two years that the case has been active, each time the court stating that the plaintiff has a valid case to be heard and that apples argument that they lacked intent to do it wasn’t valid.
granted, it could still rule in apple’s favor, but being as they have repeatedly refused to dismiss most of the plaintiff’s claims and are allowing it to go into the discovery phase, it doesn’t look good for apple.
no it’s a company login.
God’s, I’d hate to deal with losing my phone number. I have most everything crosslinked where my number isn’t the only option, but some I’m sure would still give me a big fat FU to deal with. I have all my passwords to everything correctly saved in my PW manager, at least