Apple really needs two passwords, not one for everything

  • I think it's fair to say that any major service should be offering two factor authentication. Amazon does, Google does, Dropbox does, Facebook does. Why not Apple too? Why not Twitter?

    Somewhat related, if anyone wants to get two factor auth working for their OS X login, instructions are at the bottom of this page:

    https://code.google.com/p/google-authenticator/wiki/PamModul...

    Though I can't speak to how well it works (if at all) it at least makes me hopeful someone will implement it more sensibly at a later date...

  • While not really applicable to any of the situations he described, I really wish more applications/companies/etc would use 2-factor authentication. It really baffles me that more applications DON'T use it, such as banking applications where I personally consider 2-factor auth a must.

  • Good point. Worth noting that there already are two passcodes (potentially)... one is the account password and the other is the unlock PIN. It'd make sense if they required the unlock PIN for free/cheap apps.

  • Or simply add an option to disable passwords for free apps. Having two passwords will confuse average people, so of course Apple won't do that.

  • I'm a little late to this, but my wife and I share an iTunes account since we have shared devices. The fact that the same password is used to download a free app and to REMOTE WIPE my primary business machine is terrifying. I would like that nuclear password to be 20 random characters and symbols, please, not one that I have to type in on my iPhone whenever I download the new Cut the Rope.

    It's just upsetting to think back to the story of the gentleman who had every single device wiped remotely after someone called into Apple support and impersonated him with publicly available information from his Amazon account. Yet very little has been done.

  • +1,000,000!

    Apple's myriad of logins and passwords is so frustrating to me. I had an iTunes ID for years and can't use it for anything anymore because it is not an email address. It is such a pain in the ass to do anything. I have two Apple IDs, an iCloud account and a Game Center account.

    The edge cases (10% of users who would use multiple iCloud/Game Center accounts) are making things a huge pain in the ass for 90% of users who are the only person that uses their iPhone for app downloads, iCloud, music and Game Center.

  • Forget two passwords.

    Apple needs to accommodate two IDs. Single ID is a problem.

    I have my ID for whatever is "mine": stuff which I wish to exclude everyone else from. I need another ID for my family: stuff which should be shared among others who have a practical right thereto by relationship. Next I need another ID for work: identifying me, but shared with my company and which I renounce access to should I leave. All of these would overlap, recognizing that data in my life is compartmentalized in Venn diagram fashion.

  • Agreed, Apple's authentication system is obnoxious. Compounding this is the fact that they force you to reset your password if you enter it wrong more than once, ensuring that you're never going to remember it. I basically have to answer my security questions and pick a new 8-char password with upper and lowercase letters and numbers every time I want to download a new app.

  • Why even bother asking for a password for free apps? That's stupid.

  • Apple already allows this and more, though it is not obvious and there is no free/paid app distinction.

    http://gigaom.com/apple/how-many-apple-ids-should-your-famil...

  • Having 2 passwords does not really solve the problem. I understand where the writer is coming from, but it is a gray area to define what is considered "high risk" vs "low risk". Using two factor authentication for selected tasks seems to make more sense.

  • I completely agree! Users should be better educated about the risks they put themselves to, but we all should also be aware of the crazy social engineering exploits that we expose our precious machines to.

    This article made me certainly think twice about my password policies: http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-hona...

  • Judging by the sheer difficulty normal people experience with iCloud and App Store logins when they use iOS devices, Apple should try to figure out a way to have zero passwords. Its support must get a ridiculous number of calls from people who locked out their phones or iCloud accounts and then forgot their passwords. I suspect that an interesting solution to this problem is brewing behind closed doors in Cupertino.

  • Tangential, but I am a little frustrated that I can't sign into one of my Google products without being signed into all of them. I get so nervous any time I sign into Google Music somewhere that I'm not necessarily actively monitoring because it means someone can just type "mail.google.com" into the browser and basically unlock my whole life.

    (I'm not making any statement on Apple or Apple vs Google)

  • Why not use multiple IDs? One very simple password for purchasing apps, one complicated password for master syncing, phone deleting functions?

  • They already allow this. I use one Apple ID for iCloud and a different Apple ID for purchases in iTunes/AppStore.

  • This hits the nail on the head. As the OP says, having to use the same password for purchasing $0.99 apps (where something as simple as a pin number would suffice) and tracking/erasing an entire device (where anything but a strong password would be crazy) just doesn't make any sense.

  • I use separate accounts for iCloud and iTunes (and Developer, and Support Forums), which seems to solve this. It wasn't on purpose -- I had a nice short 3-letter MobileMe username that I didn't want to give up, and a lot of existing iTunes purchases.

  • I agree with this; I feel distinctly uncomfortable using the same password for both my developer account and "Free" app and family downloads. The Apple ID system really needs an overhaul.

  • I would prefer a possibility to enable a PIN code to work as the default password for all stuff on my iOS devices. After three invalid PINs, ask for the regular password. Simple.

  • You can use any random email address for iCloud and use a different one for iTunes. It works fine and that way you can separate them cleanly.

  • Really good point. s/Apple/everyone/, of course -- Google suffers from the same issue, but it's less worrisome thanks to two-factor.

  • Having two passwords seems very un-Apple like. Simplicity, minimalism. And you can just use two separate accounts today anyways.

  • I'm not so sure about this idea. If you have trouble remembering one password, you're definitely not going to remember two.

  • hey guys - you know, there is life beyond Apple

  • Sorry, you have just infringed Apple Patent #2323232323. Hide. Now.