Old Ipad not recognized

[nlinecomputers]

I've set up many accounts for other people, where from the get-go ownership information was entirely theirs, and the account associated with them.

I’ve seen plenty of devices where they were never consulted. Often by Cell or Big Box store techs. They just created an account put in worthless challenge answers and handed the device to the owner. Low paid clerks who don’t give a f. Or the children of elderly parents put it all in their name.

 

[timeshifter]

I’ve seen plenty of devices where they were never consulted. Often by Cell or Big Box store techs. They just created an account put in worthless challenge answers and handed the device to the owner. Low paid clerks who don’t give a f. Or the children of elderly parents put it all in their name.

Yep, see this all the time with Android phone users. Grunts that sell phones don't get paid to hold people's hands and set up their stuff. So they grab a free Gmail account and get it done. The user doesn't really know that they have a 2nd Gmail account or the password.

 

[carmen617]

If the iPad is accessible right now (i.e., they have the PIN and can enter the main screens, or they have no PIN at all) and it is NOT associated with an Apple ID (which is what they are claiming) then the client can just create an Apple ID and sign in. All the data on the iPad will be associated with that Apple ID and the client can then use it to backup the data using iCloud and restore it onto a new device.

If the iPad was set up with an Apple ID using one of the client's email accounts, but they don't have the password, it's simple to reset the password using reset links or straighten in out through Apple.

The only insurmountable problem would be if the iPad is actually already associated with an Apple ID that is from an unknown and inaccessible email account. Then they would have to sign out of that Apple ID to sign into a new one, and that would be impossible.

 

[Sky-Knight]

I’ve seen plenty of devices where they were never consulted. Often by Cell or Big Box store techs. They just created an account put in worthless challenge answers and handed the device to the owner. Low paid clerks who don’t give a f. Or the children of elderly parents put it all in their name.

@britechguy this... and in the age of automatic MFA, which Apple has joined entirely it's made even worse. Account recovery requires the use of the MFA token, or answers to the security questions ALONG WITH something else.

So if the user didn't put their own data in, the account isn't theirs. It isn't about Apple knowing, it's about the user being able to complete the procedure. And if the user didn't complete it themselves, they have no knowledge of it, they have no ability to handle it, they then have no means or right to access the data they ignorantly shoved into it.

This is a huge mess, one that cannot reasonably be unraveled. All I can do in these cases is explain the reality, setup things new, and point them at what to document so it doesn't happen again. They aren't going to pay me enough for the time it takes to unravel the years worth of stupid they hand me in such circumstances. Most of them in my area won't even pay for the time it takes to properly configure an account.

 

[overburnz]

@britechguy this... and in the age of automatic MFA, which Apple has joined entirely it's made even worse. Account recovery requires the use of the MFA token, or answers to the security questions ALONG WITH something else.

So if the user didn't put their own data in, the account isn't theirs. It isn't about Apple knowing, it's about the user being able to complete the procedure. And if the user didn't complete it themselves, they have no knowledge of it, they have no ability to handle it, they then have no means or right to access the data they ignorantly shoved into it.

This is a huge mess, one that cannot reasonably be unraveled. All I can do in these cases is explain the reality, setup things new, and point them at what to document so it doesn't happen again. They aren't going to pay me enough for the time it takes to unravel the years worth of stupid they hand me in such circumstances. Most of them in my area won't even pay for the time it takes to properly configure an account.

But that would be the case in apple ou Google users or any other situation

 

[britechguy]

I’ve seen plenty of devices where they were never consulted. Often by Cell or Big Box store techs. They just created an account put in worthless challenge answers and handed the device to the owner. Low paid clerks who don’t give a f. Or the children of elderly parents put it all in their name.

As have I. But that does not address the point I made.

We've all seen this. And the issue is not real ownership, but proving ownership of an account which one never even knew existed. Those are two utterly different things, and that matters. It's the split between those two things that's the actual problem. And the fact that the entities that control accounts have no reasonably easy way to assert ownership in these instances, where a device has been in use by the same person often for years, where they can tell you all sorts of "not easy to fake" information about what's on it, how long it's been in use, etc., is a major problem in the industry. It isn't protecting anyone.

 

[britechguy]

So if the user didn't put their own data in, the account isn't theirs. It isn't about Apple knowing, it's about the user being able to complete the procedure. And if the user didn't complete it themselves, they have no knowledge of it, they have no ability to handle it, they then have no means or right to access the data they ignorantly shoved into it.

Which, as I just stated above, is NOT the same as not owning it in reality. It is both insane and inane that procedures were not put in place, long ago, to allow a dirt common situation that is causing sheer hell for the legitimate owner of both a device and account to regain access to both. It's long past time that something be done to remedy that situation, as it is not going to go away.

 

[Sky-Knight]

But that would be the case in apple ou Google users or any other situation

Absolutely! There are three personal accounts we all have to own. Apple, Microsoft, and Google. The Apple or Google obviously coincides with which phone you decide to use. But even if you stick to one, you often need the other for other things. And it's no shock that all three companies have very similar support options for lost accounts!

@britechguy Free accounts have no support, the customer is the product. It's cheaper to cost them their own data, and make them start over for being stupid. For the rest, authentication is really hard... and it's impossible for anyone to expect any large technical provider to deal with constant resets. Any process that allows a reset, can and will be subverted, leading to increased risks. Fail closed is the save model. Account loss is the CHEAPEST PATH for both user and enterprise in this case.

If you don't want to lose your junk when it fails closed, you must keep your junk in order. There is no other way.

Note, all of this changes when someone purchases something with the above accounts. Because then you have a transaction record you can use as the 2nd factor along with device ownership. It's not perfect, but it's safe for 99% of cases. So not only do people need to document their security tokens, but they need to USE THEM!

 

[britechguy]

Account loss is the CHEAPEST PATH for both user and enterprise in this case.

Account loss is virtually never "the cheapest" option for individuals. In fact, given my personal experiences, I'd say it's the most expensive.

 

[britechguy]

and it's impossible for anyone to expect any large technical provider to deal with constant resets.

As an aside, and I have not needed to do this in a while, so things may have changed, Google used to have a reasonably good method for doing this (in my opinion). If you could provide a password (yes, password) that has been associated with the account at some point in the past, it could be unlocked. I've had to do this several times, including for my partner.

But, of course, this does mean that the person requesting the reset has to have known:
1. That the account existed.
2. That they used a password to log in.
3. That there is a record, whether "in the head" or elsewhere, of at least one of the passwords used.

But I will continue to assert that it is ridiculous that any major tech company cannot apply common sense that someone can produce "reasonable evidence" that an account active on a device they have in their possession, and can give a couple of other data points about that "no one else would likely know," that an account recovery is not possible.

Even though for free accounts "you are the product" there should be a vested interest in keeping you as the product, with all that has gone with that intact. It's also not rocket science to come up with a reasonably secure (note, reasonably, not Fort Knox/NSA secure) method to allow someone to reassert ownership over an account.

 

[Sky-Knight]

@britechguy

Emails are publicly known, and not private in anyway. The bad guys scan those off the net by the second. Old passwords? Yeah... they have those too.

That process is rife for abuse, and how large companies get sued for giving up account access.

That's why if you lose it, it's cheaper. The path you're talking about is ID theft heaven.