This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these messages)
|
Apple Account, formerly known as Apple ID, is a user account by Apple for their devices and software. Apple Accounts contain the user's personal data and settings, and when an Apple Account is used to log in to an Apple device, the device will automatically use the data and settings associated with the Apple Account. [1]
An Apple Account can be created by going to the associated website. [2]
Users can change their passwords or personal information on the My Apple Account page by selecting the "Manage your account" link. Changes that a user makes to an Apple Account account, whilst they are using one Apple product, [3] are also recognized by other applications where the user uses the same Apple Account account (for example, the online Apple Store, iCloud, or Photos). [4] Apple will send a verification message to the email address provided, and the user is required to follow the URL included in the verification email to confirm the changes. After confirming the changes, users may still be asked to verify their information the next time they use their Apple Account to purchase, such as using the App Store.[ citation needed ]
Users can use different Apple Accounts for their store purchases and their iCloud storage and other uses. This includes many MobileMe users who have always had difficulties as they were forced to use more than one Apple Account, because on signing up to the MobileMe service a new Apple Account was automatically created using the me.com email address being created at the time, meaning users could not change their previous Apple Account email address to be their me.com email address, and it has always remained so. Apple does not permit different accounts to be merged. [5] However, if one account is disabled (in most cases, due to fraudulent transactions or other abusive activity or for security reasons), any other accounts associated with the primary account will also be disabled, and the user cannot create any new accounts until the affected account has been unlocked. [6]
An Apple Account is not required to place an order with Apple. Apple lets buyers place orders on its online store without an Apple Account by using the Guest Checkout Feature. An Apple Account and the Guest Checkout Feature both allow the customer to access order info such as invoices, check the order status, and track the shipping package. However, Apple Accounts allow users to customize their Apple Online Store experiences. Users can save items they are interested in purchasing; save a cart if they are almost ready to place an order; save shipping and billing addresses and payment information to speed up the checkout process; use 1-Click ordering on Apple's website and check Apple Gift Card balances. [7]
iCloud allows users to store data such as music and iOS applications on remote computer servers [8] for download to multiple devices, such as iOS-based devices running iOS 5 or later, [9] and personal computers running OS X 10.7.2 Lion or later, or Microsoft Windows (Windows Vista service pack 2 or later). iCloud replaced Apple's MobileMe service, [10] acting as a data syncing center for email, contacts, calendars, bookmarks, notes, reminders (to-do lists), iWork documents, photos and other data. The service also allows users to wirelessly back up their iOS devices to iCloud instead of manually doing so using iTunes.
Every Apple Account comes with 5 GB of free storage. More storage is available with a subscription. [11]
An Apple Account is a valid email address, protected by a password set by the user of at least eight characters. [12] Apple will send a verification email to the email address the user provided, and the user is required to follow the URL included in the verification email to activate the account. It is possible to create an Apple Account without specifying a credit card. [13]
In March 2013, Apple launched two-factor authentication for Apple Account. The feature uses the Find My service to send a four-digit pin code to a trusted device associated with the Apple Account when the second verification step is required for authentication. [14]
On June 9, 2019, Apple unveiled a single sign-on provider built around Apple Account known as "Sign In with Apple". Based on OAuth 2.0 and OpenID Connect, it is designed as a privacy-focused alternative to other social login services, minimizing the amount of personal information sent to a service, and allowing the use of disposable email addresses forwarding to the user's Apple Account email. [15] [16]
An Apple Account may be disabled for security reasons if the password is entered incorrectly multiple times. The user will be warned with a message when the account has been disabled. [17] Apple Accounts and passwords can be retrieved by answering account security questions on iForgot or by resetting from a trusted device with iCloud enabled and an unlock passcode set. [17] [18] For security reasons, if Recovery Key or Two-Step Verification (not Two-Factor Authentication) is turned on, Apple will not reset the password for an Apple Account. [19] To reset the password when these security features are enabled, both the Recovery Key and at least one trusted device is required. [20]
Another error is "Your Apple Account has been disabled" without specific disclosure of a reason. The cause of this suspension is most likely due to a violation of the Apple Media Services Terms and Conditions (i.e., due to scams and other fraudulent activities) and resetting one's password does not clear it. [21] It has been reported as occurring on iOS devices as well as on Macs and PCs. One can request a review of an Apple Account by contacting iTunes Store support at www.apple.com/support/itunes. As of August 2021, due to the accuracy of the system, the decisions to disable Apple Accounts are rarely overturned, as the likelihood that the system would incorrectly disable any given Apple Account is less than one in one trillion per year (most likely due to CSAM detection, a safety feature that Apple had proposed but was later shelved). [22]
In both of the above cases, the user's profile will not be visible to anyone on iMessage or FaceTime, and they will not be able to sign in. The issue needs to be resolved within a set period (approximately 14–30 days in most cases). If too much time has passed since the Apple Account has been disabled, it will be permanently disabled and the user can no longer unlock it nor create any new Apple Accounts.
Every iCloud automatically has standard data protection. All data is encrypted, and encryption keys are stored securely in Apple data centers to assist in case of account recovery. Only certain data is end-to-end encrypted, including iCloud Mail, Photos, and health data. In total, fourteen services are end-to-end encrypted.
Additionally, Apple offers Advanced Data Protection for iCloud, which is targeted at an audience of politicians, journalists, and other people who have important data on their iCloud accounts. With this, twenty-three services are end-to-end encrypted. If one loses access to an account with Advanced Data Protection, it is more difficult to recover the account. [23]
A password, sometimes called a passcode, is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of password-protected services that a typical individual accesses can make memorization of unique passwords for each service impractical. Using the terminology of the NIST Digital Identity Guidelines, the secret is held by a party called the claimant while the party verifying the identity of the claimant is called the verifier. When the claimant successfully demonstrates knowledge of the password to the verifier through an established authentication protocol, the verifier is able to infer the claimant's identity.
Hushmail is an encrypted proprietary web-based email service offering PGP-encrypted e-mail and vanity domain service. Hushmail uses OpenPGP standards. If public encryption keys are available to both recipient and sender, Hushmail can convey authenticated, encrypted messages in both directions. For recipients for whom no public key is available, Hushmail will allow a message to be encrypted by a password and stored for pickup by the recipient, or the message can be sent in cleartext. In July 2016, the company launched an iOS app that offers end-to-end encryption and full integration with the webmail settings. The company is located in Vancouver, British Columbia, Canada.
FileVault is a disk encryption program in Mac OS X 10.3 Panther (2003) and later. It performs on-the-fly encryption with volumes on Mac computers.
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems.
Keychain is a password management system developed by Apple for macOS. It was introduced with Mac OS 8.6, and was included in all subsequent versions of the operating system, as well as in iOS. A keychain can contain various types of data: passwords, private keys, certificates, and secure notes. Some data, primarily passwords, in the Keychain are visible and editable using a user-friendly interface in Passwords, a built in app in macOS Sequoia and iOS 18 and available in System Settings/Settings in earlier versions of Apple's operating systems.
A Google Account is a user account that is required for access, authentication and authorization to certain online Google services. It is also often used as single sign-on for third party services.
Password fatigue is the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine, such as to log in to a computer at work, undo a bicycle lock or conduct banking from an automated teller machine. The concept is also known as password chaos, or more broadly as identity chaos.
LastPass is a password manager application. The standard version of LastPass comes with a web interface, but also includes plugins for various web browsers and apps for many smartphones. It also includes support for bookmarklets.
iCloud is a cloud service operated by Apple Inc. Launched on October 12, 2011, iCloud enables users to store and sync data across devices, including Apple Mail, Apple Calendar, Apple Photos, Apple Notes, contacts, settings, backups, and files, to collaborate with other users, and track assets through Find My. It is built into iOS, iPadOS, watchOS, tvOS, macOS, and visionOS. iCloud may additionally be accessed through a limited web interface and Windows application.
A Microsoft account or MSA is a single sign-on personal user account for Microsoft customers to log in to consumer Microsoft services, devices running on one of Microsoft's current operating systems, and Microsoft application software.
Touch ID is an electronic fingerprint recognition feature designed and released by Apple Inc. that allows users to unlock devices, make purchases in the various Apple digital media stores, and authenticate Apple Pay online or in apps. It can also be used to lock and unlock password-protected notes on iPhone and iPad. Touch ID was first introduced in iPhones with the iPhone 5s in 2013. In 2015, Apple introduced a faster second-generation Touch ID in the iPhone 6s; a year later in 2016, it made its laptop debut in the MacBook Pro integrated on the right side of the Touch Bar. Touch ID has been used on all iPads since the iPad Air 2 was introduced in 2014. In MacBooks, each user account can have up to three fingerprints, and a total of five fingerprints across the system. Fingerprint information is stored locally in a secure enclave on the Apple A7 and later chips, not in the cloud, a design choice intended to secure fingerprint information from users or malicious attackers.
Proton Mail is a Swiss end-to-end encrypted email service founded in 2013 and headquartered in Plan-les-Ouates, in the Canton of Geneva of Switzerland. Proton Mail is now run by Proton AG, which also operates Proton VPN, Proton Drive, Proton Calendar, Proton Pass and Proton Wallet. It uses client-side encryption to protect email content and user data before they are sent to Proton Mail servers, unlike other common email providers such as Gmail and Outlook.com.
Threema is a paid cross-platform encrypted instant messaging app developed by Threema GmbH in Switzerland and launched in 2012. The service operates on a decentralized architecture and offers end-to-end encryption. Users can make voice and video calls, send photos, files, and voice notes, share locations, and make groups. Unlike many other popular secure messaging apps, Threema does not require phone numbers or email addresses for registration, only a one-time purchase that can be paid via an app store or anonymously with Bitcoin or cash.
The American cloud storage and file synchronization company Dropbox Inc. had several security and privacy controversies. Issues include a June 2011 authentication problem that let accounts be accessed for several hours without passwords; a July 2011 privacy policy update with language suggesting Dropbox had ownership of users' data; concerns about Dropbox employee access to users' information; July 2012 email spam with reoccurrence in February 2013; leaked government documents in June 2013 with information that Dropbox was being considered for inclusion in the National Security Agency's PRISM surveillance program; a July 2014 comment from NSA whistleblower Edward Snowden criticizing Dropbox's encryption; the leak of 68 million account passwords on the Internet in August 2016; and a January 2017 accidental data restoration incident where years-old supposedly deleted files reappeared in users' accounts.
Bitwarden is a freemium open-source password management service that is used to store sensitive information, such as website credentials, in an encrypted vault. The platform hosts multiple client applications, including a web interface, desktop applications, browser extensions, mobile apps, and a command-line interface. The platform offers a free US or European cloud-hosted service as well as the ability to self-host.
Sign in with Apple is a single sign-on provider operated by Apple Inc., introduced on June 3, 2019, at Apple's 2019 Worldwide Developers Conference (WWDC) in iOS 13.
iOS 16 is the sixteenth major release of Apple's iOS mobile operating system for the iPhone. It is the successor of iOS 15, and was announced at the company's Worldwide Developers Conference (WWDC) on June 6, 2022, alongside iPadOS 16, and released on September 12, 2022. It was succeeded by iOS 17 on September 18, 2023.
Microsoft Autofill is a password manager developed by Microsoft. It supports multiple platforms such as Android, iOS, and Google Chrome or other Chromium-based web browsers. It is a part of Microsoft Authenticator app in Android and iOS, and a browser extension on Google Chrome. It stores users' passwords under the user's Microsoft Account. It can import passwords from Chrome and some popular password managers or from a CSV file. In Microsoft Authenticator app, it requires multi-factor authentication to sign in which provides an additional layer of security. The passwords are encrypted both on the device and the cloud.
The iOS operating system utilizes many security features in both hardware and software, from the boot process to biometrics.
Passwords is a password manager application developed by Apple Inc. available for devices running iOS 18, iPadOS 18, macOS Sequoia, and visionOS 2 or higher. The app allows users to store and access encrypted account information saved to their iCloud Keychain or created via Sign in with Apple. Passwords can also be accessed through the iCloud for Windows program.