Tomas Chlebek Security issues, mainly from the point of view of security, a somewhat outdated but widely used concept today, encountered by almost everyone who has set up, for example, an e-mail box on the Internet. They are also still used by Apple, for example when changing Apple ID settings.
The two biggest issues in security questions are security and efficiency. Questions like "What was your mother's maiden name?" can be guessed by anyone with information about the original creator of the answer. On the other hand, even the owner of the given account can forget the correct answer. The best solution to the first problem is to set/change the answers so that they cannot be guessed, i.e. answer falsely or with a code. (Then it's a good idea to save the answers somewhere safe.)
Questions and answers can be changed on iOS devices in Settings > iCloud > User Profile > Password & Security. This can be done on desktop after signing in to your Apple ID on the web in the "Security" section.
The second mentioned problem occurs if the user forgets the answers to the questions, which often happens especially in cases where you only answered the questions once, and that was a few years ago. This can be solved in several ways, guessing is not one of them. After five unsuccessful attempts, the account will be blocked for eight hours and the possibility to add other verification options will definitely disappear (see the next paragraph). Therefore, we strongly advise against guessing more than five times.
It is possible to renew the questions through a "renewal email", a trusted phone number, a payment card, or another device in use. All these items can be managed in Settings in iOS or on the Apple website. Of course, it is recommended that you fill in all of them if possible to avoid a situation where no means of retrieving forgotten questions is available. In addition, the "recovery email" must be verified, which is done at the same place in the Settings iOS or web.
But if you still run into "forgotten" security questions and you don't have a recovery email filled in (or you no longer have access to it, because years later you often find an unused address), you need to call Apple support. On the website getsupport.apple.com you choose Apple ID > Forgotten security questions and then you will be contacted by an operator with whom you can delete the original questions.
However, if you get your account locked out after getting the security questions wrong multiple times, while having no verification option active or usable that an Apple operator can help you with, you may end up in an impasse from which there is no way out. As in your text points out Jakub Bouček, "until recently it was possible to rename an account and create the same one with the original name - unfortunately, this change also requires answering security questions".
Two-factor authentication
The best way to deal with current or potential security issues and to further secure your Apple ID is to activate two-factor authentication. If you already use the account on two or more devices, or if you have a payment card entered in the account, you will not even need to know the answers to the questions to activate it. If not, they need to be answered one last time.
After two-step verification is enabled, when you change your Apple ID settings, sign in on a new device, etc., a code will be required to be displayed on one of the other devices linked to that account. If two-step verification is deactivated, then new questions and answers must be selected.
It is important to remember that a possible pitfall of two-factor authentication is that you need to have at least two devices from the Apple ecosystem working at all times in order to get a verification code. In case of loss/unavailability of other trusted devices, however, Apple still offers a way, how it is still possible to get access to an Apple ID with two-factor authentication.
So if I understand it correctly and I already have two-step login set up, sure. the questions and answers have automatically been disabled and I don't have to think about them so I won't be using them in the future. It is so?
Exactly.
Apple confirms this in its document: "If you can't remember your security questions, you can set up two-factor authentication."
https://support.apple.com/cs-cz/HT201485
then of course it has another condition, another device and it must be functional. if, for example, you only have an ipad and a phone and you lose both in your bag :)))
You shouldn't be in the sack. There is a so-called Recovery Key, which is created for you when two-phase verification is turned on (it looks like a software license key). If you save it somewhere safe, you should be able to access your account using it.
At a minimum, Apple offers a way to regain access to your Apple ID with two-factor authentication even if you don't have a second device. https://support.apple.com/cs-cz/HT204921
thanks for the article .. of course blocked but the help helped ... the main plus .. I got to it when support is at work :)
Unfortunately, even here Apple went the DIY way and instead of using the standard and we had the option to save the code generator in e.g. 1Password, you have to have another device and, above all, a functional one...
I would also like to point out that when you call for technical support, speak in English or another world language. Otherwise, if you don't know a world language, you're out of luck...
Taráš 2n3 Vlado. I called CZ support about this a year ago and we solved everything just fine, and I also have 2-phase. (I had a problem with verification because I accidentally entered the wrong email with the ending "@gmail.sk" :-D )
So for our people, you need to call CZ support and they will solve everything ;-)
Um, if that's the case, I apologize. I thought there was no support for cz and sk. In any case, I don't have to count 2 to 3 right away. May I know what number you called?