Who is it safe or unsafe to give my password to? I’ve had no problems giving
it to iTunes or the App Store, but I don’t know who else to trust
In this excerpt from
Answercast #60, I look at how passwords work and what “not giving them out”
Become a Patron of Ask Leo! and go ad-free!
What is a password?
There’s a little bit of a misconception going on here.
When you set up a password, you’re setting up a username and a
password to access an account or a service or a whatever. You
then have to supply that password to that service.
In other words:
If you set up a username and password for Hotmail, then you must supply
that username and password to Hotmail.
If you have a username and password set up for iTunes, then you need to
supply that username and password when you access iTunes.
When we talk about not giving your password to other people or to other
services, what we really mean is don’t give your “Hotmail password” to somebody
else. Don’t give your “iTunes password” to somebody that isn’t iTunes. Don’t tell
a friend. Don’t tell your brother. Don’t tell your family members. Keep it
private. Keep it safe. Keep it secret. Keep it secure.
Unauthorized password use
The problem is that if somebody knows your password then they can go login
to say the iTunes store without your permission and cause for example music
to be purchased that you end up having to pay for – that they end up
So, that’s what’s really meant by keeping your password secure. Don’t give
it anybody else. Only use it for the purpose, which that password was created
Use the iTunes password for iTunes;
Use the Hotmail password for Hotmail;
Use any of the other hundreds of passwords that we may all have for the
specific service that password was created for – and nothing else.
And by the way, that also includes being very careful not to give your
password to a phishing attempt that asks for your password via email. It may
look like it’s coming from Microsoft; it may look like it’s coming from Apple.
It’s not. If it’s asking for your password in email, it is a phishing attempt
and you should not respond.
The passwords would be used only to login to the account for which that
password was established and nothing else.
Next from Answercast #60 – Can I create a true factory fresh image without even the initial customizations?