by threeseed 855 days ago
Apple had to lock down iOS in 17.4 because enough people were being tricked into entering their passcode by a thief who in turn would steal the device, access their passwords and drain their bank accounts.

So I'm not sure that allowing pairing between different accounts and relying on a passcode for security is going to be that secure.


Consider the setup process for the Apple TV. The TV shows a unique one-time-use QR code-like pattern that you can scan with the camera of an iOS device. Surely something like this would be sufficient for pairing a Vision Pro with a Mac.

Also the security implications of encouraging people to add their personal Apple ID to devices they don’t own are, IMO, worse.

I'm being more cynical and assuming it's probably to do with AirPlay screen-mirroring encryption and how tying everything to the same Apple ID account placates Hollywood's technophobic licensing execs.
I think it’s a lot simpler than that. If they require both devices are logged in to the same account, they don’t need to deal with authorization. You would not believe how much development time this saves.
Except that you can have a different Apple ID for your system versus content.
This is an incredible point that I had not considered.
Honestly the real problem with security is the whole passcode -> Face ID -> passcode flow.

It is relatively easy for someone to see the passcode that unlocks my phone, in one way or another.

All of my banking apps are locked behind Face ID. But if you lock an app with Face ID, you can just override with the phone's passcode. This is dumb.

The app Face ID backup passcode should be separate from the device unlock passcode, or that should at least be an option. Maybe I'm at a party and I want someone to be able to unlock my phone to use Spotify, but I don't want to also give them access to all my banking apps.
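The biometrics-only app lock the comment above asks for, as an added example that is not from the thread and not Apple sample code: LocalAuthentication's `.deviceOwnerAuthenticationWithBiometrics` policy never offers the "Enter Passcode" fallback that `.deviceOwnerAuthentication` does, and a keychain item created with the `.biometryCurrentSet` access-control flag is only released after a match against the currently enrolled Face ID/Touch ID set, so the app's own secret is not reachable with the device passcode alone. The service string, the function names and the error type are assumptions for illustration.

```swift
import LocalAuthentication
import Security

// Added example, not from the thread. Assumed identifiers: the service name
// and the wrapper functions below.

enum AppLockError: Error {
    case biometricsUnavailable
    case keychain(OSStatus)
}

/// Prompt with a biometrics-only policy. Unlike `.deviceOwnerAuthentication`,
/// `.deviceOwnerAuthenticationWithBiometrics` has no device-passcode fallback;
/// an empty fallback title removes the fallback button from the sheet entirely.
func authenticateBiometricsOnly(reason: String,
                                completion: @escaping (Result<Void, Error>) -> Void) {
    let context = LAContext()
    context.localizedFallbackTitle = ""
    var error: NSError?
    guard context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) else {
        completion(.failure(error ?? AppLockError.biometricsUnavailable))
        return
    }
    context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics,
                           localizedReason: reason) { ok, err in
        completion(ok ? .success(()) : .failure(err ?? AppLockError.biometricsUnavailable))
    }
}

private let lockService = "com.example.banking.applock" // assumed identifier

/// Store the app's own session secret bound to the *currently enrolled*
/// biometrics. Reading it requires a biometric match with no passcode
/// fallback; re-enrolling Face ID (which someone holding the passcode can do)
/// invalidates the item instead of unlocking it.
func storeBiometricBoundSecret(_ secret: Data, account: String) throws {
    var cfError: Unmanaged<CFError>?
    guard let access = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault,
        kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
        .biometryCurrentSet,
        &cfError) else {
        throw cfError!.takeRetainedValue() as Error
    }
    let query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: lockService,
        kSecAttrAccount as String: account,
        kSecAttrAccessControl as String: access,
        kSecValueData as String: secret,
    ]
    _ = SecItemDelete(query as CFDictionary) // replace any previous value
    let status = SecItemAdd(query as CFDictionary, nil)
    guard status == errSecSuccess else { throw AppLockError.keychain(status) }
}

/// Read the secret back. The keychain drives the biometric prompt itself via
/// the supplied context; failures surface as errSecUserCanceled,
/// errSecAuthFailed, or errSecItemNotFound after a biometric re-enrollment.
func readBiometricBoundSecret(account: String, reason: String) throws -> Data {
    let context = LAContext()
    context.localizedReason = reason
    let query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: lockService,
        kSecAttrAccount as String: account,
        kSecReturnData as String: true,
        kSecUseAuthenticationContext as String: context,
    ]
    var item: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &item)
    guard status == errSecSuccess, let data = item as? Data else {
        throw AppLockError.keychain(status)
    }
    return data
}
```

The two halves serve different purposes: `authenticateBiometricsOnly` is a UI gate and can be bypassed by anyone who can patch the app's control flow, whereas the `.biometryCurrentSet` keychain item is enforced by the Secure Enclave, so the secret that actually matters (a session token, a wrapping key for local data) belongs in the keychain path, not behind the boolean.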

The idea of Face ID is to minimize the use of a passcode so that it wouldn't be stolen in the first place.

If you worry about that, then probably disable Face ID for banking apps :-)

Apple also recently implemented optional Stolen Device Protection in the Face ID settings just for this case: a delay is introduced before you're allowed to change the password and other related things.

And preferably don't have a numerical passcode.

It's really easy to shoulder-surf a numerical passcode, the buttons are so big and clearly placed.

It's a lot harder to do with a CorrectHorseBatteryStaple style password.

I have witnessed a few banking apps on Android not offer the pin option and also requiring an app-level login again after disabling biometrics.