Apple ID Security Increased with 3 Security Questions and Rescue Email Address

For those accessing iTunes today, you may have noticed Apple has added extra security to your iTunes Account by asking you to fill out three security questions and input an alternate recovery email address, as noted by numerous twitter followers (thanks @einsteinbqat) and ourselves this morning.

A pop up occurs within iTunes when you download an a paid or free app that urges you to improve the security of your Apple ID by choosing three security questions. After you enter your current password, you are taken to the security questions page:

Also, there is a space to add an optional rescue email address, to reset your info should your Apple ID email be compromised. At the bottom of the form, it reads “Apple uses industry-standard encryption to protect the confidentiality of your personal information.”

Here are some sample questions asked below. If you’re smart, don’t make your answers obvious:

Just a couple weeks ago, Wired reporter Mat Honan’s had his iCloud account compromised by a hacker that was able to use ‘social networking’ to convince an Apple phone support employee to reset his account. In response, Apple suspended phone password resets for 24 hours.

With these additional security questions now being asked in the event of account recovery, and the additional rescue email option, it should increase Apple ID security. But of course, nothing can beat a strong password, which Apple ID accounts now require a capital letter and numbers.

Let us know if you’ve filled out your three additional security questions.

Founder and Editor-in-Chief of Follow me on Twitter, and @iPhoneinCanada, and on Google+.

  • First off, I’m getting sick and tired of these comment systems that are seriously broken on IOS devices. I tried posting this no fewer than 3 times on my phone, it’s a joke. I don’t think it’s directly due to you guys, I’m pretty sure it’s not, but how the hell can these not be tailored for mobile? UGH.

    Anyway, onto this stupid, moronic and mind numbingly IDIOTIC step from Apple… Does that give you an idea of how I feel about it? It’s stupid. Stupid. Beyond stupid. Not the fact that we have to enter in security questions, that’s a smart security step and I’m all for it. That said, what I’m not for is the stupid, stupid, stupid way Apple is handling this.

    What I mean is that I should never, ever, ever be forced to THEIR questions, because for me, they are too damn open ended. The first food I learned to cook? The hell? Who remembers this?!? And if you do, don’t you think there’s a chance you might not remember if you need to try and recover it? I know I sure as hell have no clue. First place I flew to? Well I know the end location, but the way my brian works by the time I go back to it, I won’t remember if i put my final destination, or one of the destinations in between. It might be a no brainer while I’m entering it, but who knows where my brain is going to sit when I need to recover.

    My best friend as a teenager? Sure, I could answer that but again when I go to put it back in, what if I don’t remember if I put in the full name, or just the first name? First film I saw? Maybe it was one that I remember today, but in a year or 3 from now I might have forgotten..

    These are NOT appropriate questions for everyone. Maybe for some people they are, but there are easily more stock questions, mother’s maiden name, spouse’s maiden name, name of your eldest child, what city were you married/born in…

    The thing is, the questions need to have simple, unquestionable answers. Normally one word is the best, people are less likely to forget or screw those up. But instead now I need to have to either fake them, or I have to try and find a way to store them securely.

    For a company that prides themselves on forward thinking, this is just simply obtuse.

    ARGH. And to add insult to injury, thanks to Disqus I got stuck so I could no longer actually keep typing. WTF? Anyway, pain. in. the. rump.

  • Cam

    Apple, orange or pear? What was the first fruit I choked on. WTF!! Who was the genius (pun intended) who came up with this daft, arrogant and F for fail process for account security. Nick you said it all, obtuse!! I don’t even recall the name of the first girl I kissed (or much else), let alone what I made for dinner last night….

  • Husein S.

    You could try my strategy: I have a pool of about 3-5 words that are important to me. I use any of those words as the answer to secret questions, essentially ignoring the question. This way, I pick whatever “stupid” question I want but my answer is always one of the five. This probably adds an extra layer of security since these words have nothing to do with the answer. Give it a go…

  • lucascott

    That’s old, way before the hack. I was asked to do it a good 2-3 months ago

  • It’s a slow roll out, seems this wave was towards more Canadians.

  • Ted Popper

    This happened to me two weeks ago (in Australia)! I was asked for security questions that it claimed I had already answered! I have had this ID for years and have never answered any such questions. Clearly, while they were trying to fix something that wasn’t broken, they stuffed it up. On contacting Apple, I received a semi-automated letter 4 days later, after many (ignored) emails from me another one a week later. Nothing was resolved. The Apple tech support guys found it hard to believe and so on two occassions they contacted iTunes to help resolve it and they both reported being soundly rebuked for even daring to ask anything that could allow me access to credits that Apple was so happy to accept from me… it was suggested that they were dealing with a major problem and this simple issue could not be solved by any means and, i was told, for any time in the foreseeable future. What s really stupid is that one of the semi-automated emails asked me to provide my date of birth and postal address as verification — but you can change that in the account manager so was no form of authentication whatsoever. It is pseudo-security at is worst, and Apple’s complete refusal to communicate with customers – even to its own staff – is pathetic. The problem is fixed today I have noticed – you can reset the questions in the account manager, which could not be done before. But still no word (not even an automated one) from Apple to advise me that i can now spend the money that they were so happy to take from me in redeeming credits over two weeks ago!!! As for so-called security questions, one would suspect no problems guessing them for younger users – whose first car is probably the one they are driving now… sigh…

  • F apple

    F apple and there 3 security questions, actually F apple altogether. I HATE Apple! Switching to android sooner then later!!!

  • I still haven’t had this popup when I log into app store. But my daughter who is sharing my Apple ID is now seeing it on her phone. I’d rather set up these questions myself, so I went to the Apple website to do that using a PC + browser, but in the AppleID account settings page I can still only define ONE security question and NO recovery mail address.
    What’s the deal? What do I have to do, to define these security questions from here?
    (Problem is my daughter is in China for a week, and I don’t want her to mess this up by improvising a solution …).

  • Annoyed Rach

    This wouldn’t be an issue if the questions weren’t so damned stupid. It cancelled my purchase because I couldn’t find 3 separate questions in their lists that I would actually remember the answers to! I had to redo it until it randomly shuffled 3 questions in that I could actually use.

    Yet another reason to finish off my gift card credits quick and delete iTunes.

  • umm, you actually decrease security by opening another way to retrieve the account without the password. that’s another big messup from apple.

  • Spencer

    How the hell are we suppose to change the security question answers if you forget them!?

  • Michael

    Apple is terrible, along with Microsoft. For Apple, security questions that nobody knows the answer to, along with many other unresolved problems. As for Microsoft, XBox Live accounts that will work on the system, but any other systems or apps that link to your account, it says that they are being used. Then, when I go to “reclaim” it, after I enter the new password, it just says there’s an error, and brings me back to the beginning!!! WTF! Then I go to do it again, and it just happens again! I say screw Apple and Microsoft. I hate them all.

  • HZ

    i know right!! it should’ve just shuffle the freaking question!! i still have great balance in my apple account.. GOD!! im in such great lose!!

  • I entered my password, then the three security questions. It said my recovery e-mail could not be the same as my apple-id email. Thankfully I have multiple e-mails, not everyone does. Then I click done and it takes me back in an endless loop. I even tried to get my teenagers to help me out of this endless loop. They couldn’t figure it out. Finally, I noticed a button for “go” instead of “done” and was able to download the app. Good grief! My wife and kids don’t have this on their devices. What did I do wrong? How do I change my settings to get rid of this stupid layer of security?

  • annoyed at apple security q’s

    that is such a genius idea!!!!

  • unhappyapplesucker

    after being blindsided with the questions at 3 am after a few drinks when I just wanted to rent something to pass out to, I promptly forgot about it until I put a new cpu in my computer. I have now been locked out of my account for 6 weeks, can’t use the balance on my account, have somewhere around 1000 tv shows I have bought 100 or so movies, and have spent a couple thoushand on iTunes cards in the past. crApple wants me to get a credit card in my name to be able to access this account, I am on disability, so I need to put a 500$ deposit from my bank to get one, gonna take a year to save up for that, meanwhile I can’t access what I have purchased,
    I have been spending pretty much all my spare money on cards for almost 3 years, sold my dvd’s of things to buy the same stuff I had on iTunes, so I can’t even watch my old dvd’s.taking my money and denying me access to what I paid for is for my security they say…

  • alec

    who can help me. my Apple id (only used as email) is blocked and no rescue email and lost secret answers. as it is only an email adress I was not informed by tunes store to put up a rescue email.

    what to do. is it possible to recover email. or is there any way to delete the apple id id??

  • Aussie Bob

    I have the answer to the 3 question security crapp that Apple are forcing on customers in one word SAMSUNG