Never, ever change your Apple password.
I admit it: I’ve had the same password on my Apple account for a few years, and it wasn’t even a very good one. “Pretty stupid”, you might say, and I’d agree, but I’ll do it again given the hassle involved with changing it.
Last night I made a change to my Apple account, and to make the change Apple forced me to pick a more secure password (like I said, the old one wasn’t that great). So I choose something longer, with caps, numbers, special characters, etc. Then the fun begins.
Mac: “Your iCloud password for your Apple account is incorrect”. No problem, I’ll just type that in.
Mac: “Your FaceTime password for your Apple account is incorrect”. Annoying, but I can type fast so a minor inconvenience.
Mac: “Loser, your App Store password for your Apple account is incorrect”. Come on, these are all stored separately?
Mac: “Hey bonehead, type in your Apple account password twice if you want iTunes to work. And when you’re done with that, get ready to type it in again for iMessage.”
So I’m a little annoyed, but get over it until I pick up my iPad.
iPad: “I believe that you have stolen Dave Douglas’s iPad. Please type his password multiple times to return it to full functionality.” A little more annoyed, until I realize that I have to type this complex password multiple times into a touch keyboard. Shift is an extra keystroke, a couple of taps to get to some special characters. Got better over time but still goofed it about half the time.
iPhone: “I see from our records that you were able to type a complex string into an iPad keyboard multiple times. Now try it on a phone keyboard, sucker.” This sucks.
Finally, I think I’m all back on-line, and I turn on my TV.
AppleTV: “Congratulations, you have advanced to the final challenge. You must now attempt to type your new password in using a child-like TV remote. Hahahahaha!”
1. Apple is still not serious about security. Making it painful for people to change their password will have the expected result.
2. Apple is going too fast. We’ve all seen the increase in buggy software (e.g. basic text messages barely work on my phone right now, a feature that the very first iPhone had pretty well nailed), and yesterday my computer rang for half an hour because it had decided without asking that it should now answer my phone calls, but didn’t notice that I had actually answered it on my phone.
The multi-device world is naturally complex, with security and ease of use challenges increasing exponentially. But instead of making it better, Apple is compounding the challenges. Sure seems to me like there’s a great opportunity for multi-factor auth here, but not in Apple-land.