Why can't I use my iCloud email address as my Apple ID

bluefox34 wrote:

gail from maine wrote:

So, you are claiming that even with 2-step verification that you think you can get into my Apple ID? How, exactly, would you be getting the verification code to do such a thing?

GB

Again, 2FA protected accounts can be broken into with a compromised primary address. Bruce Schneier talks about 2FA weaknesses and you can google him up. You guys need to understand that security is broken at its weakest link, not the strongest. If apple can go through the effort to implement 2FA, why continue to require an external apple id address/primary address? What is the benefit?

And again I've already offered to show it to you. If you're so confident in your account's security, what do you have to lose?

I am 100% sure that you can not, so please, crack my iCloud account.

How much time will you need to crack my account, would a week be enough or will it take longer? we could meet back here in 7 days and you can show us your success, or vice versa.

bluefox34 wrote:

Csound1 wrote:

Don't waste your time Gail, you can't match wits against an unarmed adversary, it never stops 🙂

I am not your adversary. You really have a negative way of thinking.

Read it again, you seem to have a serious comprehension problem.

And where is that quote of me recommending posters to give up their Apple address? I am still waiting for you to backup anything you have said to date.

In case you forgot this is what you claimed "Says the person who was recommending abandoning apple id email address (which Apple explicitly advises against doing)"

And it is a lie, your house is already made of glass.

I have no idea what you are babbling on about. I did look up Mr. Schneier, and the article that he has on the weakness of 2FA is specifically related to Banks, to fake websites, and to Trojans. How do any of these things apply to an Apple ID? What are you even talking about when you say:

If apple can go through the effort to implement 2FA, why continue to require an external apple id address/primary address? What is the benefit?

I have no interest in providing you with access to my information. Do you think I'm stupid? I have LifeLock, I have alerts for every Bank and Amex transaction processed on my accounts, and emails from Apple when someone signs onto Find My iPhone. So, clearly, I am doing my best to be aware of any activity going on with any of my valuable information. The last thing I'm going to do is to provide some stranger with my information just because they are baiting me to do so....SERIOUSLY????

Whatever it is you are purporting, you don't seem to be able to articulate it in a clear and unambiguous manner. I have no clue what point it is you are trying to make, or what it is you are attempting to accomplish.

So, bye now....

GB

gail from maine wrote:

I have no idea what you are babbling on about. I did look up Mr. Schneier, and the article that he has on the weakness of 2FA is specifically related to Banks, to fake websites, and to Trojans. How do any of these things apply to an Apple ID? What are you even talking about when you say:

If apple can go through the effort to implement 2FA, why continue to require an external apple id address/primary address? What is the benefit?

I have no interest in providing you with access to my information. Do you think I'm stupid? I have LifeLock, I have alerts for every Bank and Amex transaction processed on my accounts, and emails from Apple when someone signs onto Find My iPhone. So, clearly, I am doing my best to be aware of any activity going on with any of my valuable information. The last thing I'm going to do is to provide some stranger with my information just because they are baiting me to do so....SERIOUSLY????

Whatever it is you are purporting, you don't seem to be able to articulate it in a clear and unambiguous manner. I have no clue what point it is you are trying to make, or what it is you are attempting to accomplish.

So, bye now....

GB

That's about the smartest thing you have said. I think even you now understand that there's no such thing as 100% security and the more weaknesses you add to the system the worse the security becomes. That was the point.

You may not be stupid but your friend here is willing to offer his apple id email account to satisfy his ego. So let's see what happens.

bluefox34 wrote:

You may not be stupid but your friend here is willing to offer his apple id email account to satisfy his ego. So let's see what happens.

I am not giving you the ID, you are the one that claims to be able to hack the account, so hack it.

You claim to be able to hack my iCloud account, I am still waiting for you to live up to that. I do not think that you can and that you are trolling, time to do what you say you can, your credibility is at zero, here's a chance to improve it.

I will bet right now that you can not do what you claim to be able to do.

Well, it doesn't take a rocket scientist to understand that if you are an idiot, and you don't protect yourself in an intelligent and observant manner, then bad things can (and likely will) happen. So, if you mean that the inherent weakness in the system is human fallibility or the dazed and confused state of many people when it comes to technology, then, of course, that is the primary weakness.

However, I totally disagree with you that there is an inherent flaw in the security system that Apple has if people follow common sense, and don't put the same password (the one that is the same name as their pet or that is their birthday or that is their spouses name) on every account they own, and don't click on links in emails and send people their credit card information, Apple ID, password, or whatever else is being sought by the lowlifes who send are out there phishing for gullible, naive people who really just don't know any better. The flaw is in the human, not the system.

GB

Not to menton that choosing one of the least private or secure systems in existence (Gmail) means that you start at a very low level. Even if no one hacks it Google can and will sell the information stored in your account as they see fit (that's how they explained their nasty practices to Congress)

After choosing Gmail privacy is gone whatever you use it for.

Yeah - I have not heard good things about Gmail. I always avoid the "Ad" options in my results list on a search for the same reason. Usually the very next item on the list is exactly the same without the "Ad" indicator, so why link up my logon with every vendor I look up just to be pestered by them for the rest of my life....

I prefer Google as my search engine, but I'm not going to be suckered into their little traps if I can avoid it.

As far as mail goes, I'll stick with my Apple account.... 🙂

GB

gail from maine wrote:

Well, it doesn't take a rocket scientist to understand that if you are an idiot, and you don't protect yourself in an intelligent and observant manner, then bad things can (and likely will) happen. So, if you mean that the inherent weakness in the system is human fallibility or the dazed and confused state of many people when it comes to technology, then, of course, that is the primary weakness.

However, I totally disagree with you that there is an inherent flaw in the security system that Apple has if people follow common sense, and don't put the same password (the one that is the same name as their pet or that is their birthday or that is their spouses name) on every account they own, and don't click on links in emails and send people their credit card information, Apple ID, password, or whatever else is being sought by the lowlifes who send are out there phishing for gullible, naive people who really just don't know any better. The flaw is in the human, not the system.

GB

Agree with you mostly. but I still feel that apple owes it to us to make every reasonable attempt to protect its users. You may be able to understand but most people have a hard time. It doesn't mean that they're stupid though. we just have to agree to disagree and remain civil.

Google were called to a congressional hearing to explain their methods. Selling information from user accounts is how they make their money. It's in the fine print.

It's about as secure as a paper bag, (especially if you can pay for other peoples information) which with Google you can.

I agree that everyone that doesn't "get it" is not stupid. In fact, most of them are simply naive or gullible. However, some of them are just idiots, or worse yet, are just lazy....

However, I also think that if people want to indulge in using technology, they need to take a little personal responsibility. It's not like the dangers of being hacked have not been widely reported. It's also not like there aren't tons of resources available to educate oneself. If a person can spend hours at a time surfing the net, then they can also spend a little bit of time to use that same tool to get educated.

A lot of people who post to this forum are simply clueless, and I really feel for them when something untoward has happened. For people like that, I want to reach out and do anything I can to help them. But then there are the people who post who are angry that things weren't done magically for them. They haven't take the time to find out how things work, so they want to blame everyone but themselves for the issues they are having.

And every time Apple does employ extra security to protect those users who just don't know any better, there are tons of other users who lash out about Apple trying to be "Big Brother", and Apple not giving them the choice to, say, not get alert emails when someone signs onto Find My iPhone from an iOS device. I can't tell you how many people get furious about the Activation Lock. So, it is really not a winnable situation. There is only so much hand-holding that can be done....

GB

I have been led to believe I can create a new account and use an icloud.com email address as my primary email account.

If this is possible I would like to create a new account with an icloud.com email address as my primary email account and stop using my existing account.

Is there a downside to this?

You cannot create a new Apple ID using any Apple domain: @me.com, @mac.com, or @iCloud.com.

An @iCloud.com email address is email address that is associated with the iCloud account that is tied to another Apple ID.

You can change your primary Apple ID to (or set up a new Apple ID using) any other valid email address except an Apple domain address.

If you EDIT an existing Apple ID to a new email address, all purchases under that Apple ID remain with that Apple ID. If you set up a new Apple ID, all purchases made with the previous ID, and the associated iCloud account stay with previous ID, and a brand new iCloud account and all new purchases need to be made with the new ID.

Cheers,

GB

While this is true for new accounts, it's still ridicoulous the early users of iCloud cannot do this.

If you have a non-Apple email as your AppleID you can still not change it to a me.com or icloud.com email address.

Apart from being complicated and confusing there is also a huge security risk here.

Many people will simply use something like an old Gmail account that they don't frequently access.

All email regarding your AppleID will ONLY be sent to the primary email address.

So, while you can use your iCloud address as an alternate AppleID and use it everywhere, all communications regarding AppleID are always sent to the primary address.

This whole situation is completly ridicoulous and not in the Apple spirit of keeping things safe and simple.

Apple Support knows about the problem for a while, but says it simply can't do anything about it as it is an 'engineering' issue.

This should be fixed ASAP.

I agree, this is a huge pain. But you can indeed make your @me/@icloud email your primary email address, and all correspondence will then be sent to that address. Also, you can actually log in using your @me email. Of course, you can also use your old legacy Apple ID email to log in, and it will often appear as your "user name" when you are logged in to some services, but I've found this is a decent work-around.