And the reason they have throwaway accounts is because 99% of the time, when I give someone a account or whatever, that address gets spammed, even though I told them not to put them on the mailing list (because they share the email with third parties, or just plain ignore it). In short, I doubt the need to contact a customer unsolicited is so great, common, or difficult as to require that a user disclose a non-obfuscated email address, which people already commonly have throwaways for. If it's CC info, you should contact the CC company, there should be 2FA, there should be more than an SSO service, which already prevents the biggest and worst security breach of leaked passwords. But if the information on the website is actually sensitive, then there should be additional checks to begin with. As for security problems, well I'm glad you're one of the few companies to actually disclose security breaches. Most places that I contact for support require me to put in a contact email for that ticket because people use throw-aways anyway. The OP says they have trouble with support, but they can (and it sounds like do) tell people to just check their Apple email. On the one hand, even Microsoft and Apple send me heaps of spam under the guise of "communication" and I don't want them to have my email address if I can avoid it. It's a fair point, and perhaps its one that the likes of Apple SignIn should solve. Tl dr email isn't needed, people are just used to it.
SEND APPLE RECEIPTS TO ALIAS PASSWORD
If password managers could start saving that you've got accounts associated with Apple/Facebook/Google and highlight the relevant button on sign-in, it would be a big feature improvement. it's like, I'm pretty sure I've signed up with something before, but who even knows which one, or multiple? My password manager is usually pretty good at letting me know if I've got a "normal" account with user/password, but it doesn't do anything to remind me if I ought to log in with one of the other services.Įvery time I'm occasionally asked to sign into Spotify, Pinterest, Medium, Quora, etc. I've got to say, I really wish there were a way to know whether I already used Facebook, Google, or Apple to log into a site or app before. So there's nothing specifically against Apple, despite the title seeming to imply it - just that they're taking the move right now because of Apple's new policy coming into effect. As they point out at the very bottom, all their arguments apply to all third-party sign-ons, so they're removing Facebook as well.
0 kommentar(er)
