Sign up to save your podcasts
Or
Share 15: Please don't enter the iCloud password
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
15: Please don't enter the iCloud password
Unless you've been living under a rock, you know that Apple is committed to the security of its users' data, and lately has been vocal about it. The PR blitz has been all about the hardware and OS software that unlocks iPhones. With TouchID, unlocking my phone is something I do dozens of times per day without thought. Even when I have to fall back to a passcode — it gets cold outside in places other than California! — it's seamless. Most importantly, it's predictable; I only have to authenticate in response to my own action of turning on the phone's display.
I can't say the same for iCloud authentication. In theory, I should only have to enter my iCloud credentials at device setup, or when performing specific actions like confirming a purchase. Yet most of the time I'm presented with an iCloud password dialog, it's out of the blue, with no explanation: simply "Please enter the iCloud password for…" my Apple ID. It's frustrating, sure, but more than that it's troubling. Because I respond to that dialog differently than the vast majority of iCloud users.
I always click Cancel.
My iCloud credentials are the key to my digital life across several devices. I don't give them away without an explanation, just as I wouldn't give my Social Security number to someone who stopped me on the street randomly. But if the person behind the counter at the bank asked me for my SSN, even if I'd never seen them before in my life, I would give it over — it's all about context.
On iOS, iCloud authentication is done in a modal dialog, which you can be reasonably certain is generated by either the foreground app or the system itself. In this sense, they are slightly less mysterious than their counterparts in OS X. On the Mac, iCloud authentication dialogs pop up of their own accord, at seemingly random times, with no indication of the process they are tied to. And since all they consist of is a stock phrase, an iCloud icon, and a couple text fields, they are the equivalent of the stranger on the street. So I dismiss them, figuring that if it was important, I'll notice what broke. Then I can navigate to the appropriate app or preferences and meet the dialog on my own terms.
But that's not how most users think. "It needs it! It says so!" Even though OS X is a relatively safe platform, there are always bad actors, sometimes lurking in unexpected places. A healthy dose of skepticism is necessary, even if in a perfect world it wouldn't be. But Apple could make the world more perfect — because, let's be honest, 99.9% of those dialogs come from them. It would be a very Apple-like thing to do, giving their users confidence and keeping them safe.
View all episodes
By Ed Cormany
5
22 ratings
Unless you've been living under a rock, you know that Apple is committed to the security of its users' data, and lately has been vocal about it. The PR blitz has been all about the hardware and OS software that unlocks iPhones. With TouchID, unlocking my phone is something I do dozens of times per day without thought. Even when I have to fall back to a passcode — it gets cold outside in places other than California! — it's seamless. Most importantly, it's predictable; I only have to authenticate in response to my own action of turning on the phone's display.
I can't say the same for iCloud authentication. In theory, I should only have to enter my iCloud credentials at device setup, or when performing specific actions like confirming a purchase. Yet most of the time I'm presented with an iCloud password dialog, it's out of the blue, with no explanation: simply "Please enter the iCloud password for…" my Apple ID. It's frustrating, sure, but more than that it's troubling. Because I respond to that dialog differently than the vast majority of iCloud users.
I always click Cancel.
My iCloud credentials are the key to my digital life across several devices. I don't give them away without an explanation, just as I wouldn't give my Social Security number to someone who stopped me on the street randomly. But if the person behind the counter at the bank asked me for my SSN, even if I'd never seen them before in my life, I would give it over — it's all about context.
On iOS, iCloud authentication is done in a modal dialog, which you can be reasonably certain is generated by either the foreground app or the system itself. In this sense, they are slightly less mysterious than their counterparts in OS X. On the Mac, iCloud authentication dialogs pop up of their own accord, at seemingly random times, with no indication of the process they are tied to. And since all they consist of is a stock phrase, an iCloud icon, and a couple text fields, they are the equivalent of the stranger on the street. So I dismiss them, figuring that if it was important, I'll notice what broke. Then I can navigate to the appropriate app or preferences and meet the dialog on my own terms.
But that's not how most users think. "It needs it! It says so!" Even though OS X is a relatively safe platform, there are always bad actors, sometimes lurking in unexpected places. A healthy dose of skepticism is necessary, even if in a perfect world it wouldn't be. But Apple could make the world more perfect — because, let's be honest, 99.9% of those dialogs come from them. It would be a very Apple-like thing to do, giving their users confidence and keeping them safe.