Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is confusing authentication and authorization. Is this phone legitimately tied to this Apple ID? Yes. Is the owner of the account authorized to make such a purchase? No.

A short appstore PIN could solve this much more easily.



I'm not so sure having _yet another_ PIN for users to remember would be a good idea. And besides, a short PIN would be far easier to deduce by looking over a person's shoulder.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: