|
|
|
|
|
|
by ShadowBanThis01
986 days ago
|
|
|
Forcing people to use an E-mail address as a user ID is so amateur-hour that I don't even know where to begin dismantling it. You don't see banks or brokerages doing this. Why is it so dumb? Because the vast, vast majority of people have no idea how any of this shit works. So, when a company demands that you sign up with your E-mail address and enter a password, a great many people are going to think they have to use their E-mail password too. This makes every one of these sites a gatekeeper to its users' E-mail accounts. If their security practices suck and they're hacked, or a disgruntled employee steals their records, or whatever... now a ton of their users' E-mail accounts are open for mining. The failure to think this obvious scenario through is appalling. It's also appalling to see companies like Apple perpetrating this stupid behavior, especially AFTER the fact. Apple IDs originally did not have to be E-mail addresses. And later on, they did not have to be FUNCTIONING E-mail addresses. Now they've regressed all the way and they have to be both. And so Apple, per its usual M.O., has had to tack on various extra measures since then to try to shore up security. In case you couldn't tell, I absolutely detest this policy. |
|
|
Then don't let them use it. We don't let people drive who don't know how to safely operate a car. We don't let people make food in commercial kitchens without training. We let users run free with no knowledge, then build systems to stop them from hurting themselves, it's absurd.