You know those “secret questions” sites often ask for? They’re designed as an extra level of verification when you lose access to your account, such as when you forget your password, or email, or password to your email.
The problem is, they’re terrible for security. Most secret questions can’t be tailor made for the person, so we’re stuck answering what our first primary school was, or our mum’s maiden name. In an age of social networks and search engines, these are trivial to get answers to.
So years ago, I started answering these with keysmashes. I’ve been using the same email (on a domain I control) for years, so I could always fall back to a password reset if I lose access to the account.
Unfortunately, that was before I had the misfortune of using an Apple ID. Don’t get me wrong, I adore my Macs and iTelephone, but their cloud services and iTunes Store posess the reverse-Midas touch.
Last week, I logged into the App Store on my iTelephone, and it asked for answers to my security questions to “verify my account”.
Isn’t that what a password is for?
Needless I say, I had no idea what the answers to these security questions were, so now I have to go through the Apple Support system to get this sorted out. Given its been four months and they still haven’t fixed my podcast listing, I doubt this will be dealt with quickly.