My Apple ID keeps getting locked

Same for me. Getting locked on the same device with the same browser windows MINUTES after I've unlocked my ID. It's just not usable for me at this point any longer. 2FA enabled, password is ultra-secure. Happening 4-5x a week. This is RIDICULOUS

The Apple ID is an e-mail address. An e-mail address is by nature public information, like a phone number or your name. .

in my case I have at least two geriatrics, one in England, the other in Canada, who think that they can arbitrarily use and claim my e-mail as theirs. I see their bills, I get email traffic (requests) from one’s lawyer for business correspondence. I’m reasonably sure that this is the origin of the misuse of my e-mail Apple e-mail address that is my Apple ID.

as far as 15+ years ago, hacking, we diverge on that. I wrote my first hack-hack in 1982. The server reference that the Apple moderators keep redacting from my posts references the single most attacked hostname in 2004 which was the grand prize for a world wide hacking contest. Hacking goes back to the 70’s with phreaking. It’s just become more pedestrian now.

And that redacted-name system did not, under any circumstance, disable the user based upon someone trying a hack-hack (now called brute force attack) or a dictionary attack. The. System was never compromised under my watch (5 years) but was compromised twice when running Windows/ColdFusion prior to my watch. (Perp was convicted).

so no, Apple’s approach to security is essentially condemning the victim here. We are the victims. We shouldn’t have to change our @icloud.com e-mail address every time someone decides to attack the related Apple account. For me the upheaval is similar to that of legally changing my name given all the systems and contacts who use that email address to identify me. Do I send all 7531 of my address book contacts a “hey, because of Apple’s poor security model, I have changed my e-mail address to xyz ” message? No.

Apple needs to fix their…design.

Did you resolve this?

I am experiencing the same problem. I assume my old login & password was leaked, and various hacker’s attempts to use those old credentials from a dump somewhere to log in is triggering my account to become locked.

After a long call with senior Apple support, there is apparently no solution to this. The only resolve is to de-activate the account and start afresh.

I have been having the same issue with my Apple ID. My account gets locked on a daily basis, sometimes 2x a day. According to several discussions on various forums, this exact problem started for many users in September/October of 2020. Even more in November 2020. People thought it might have to do with 2FA, but people with 2FA and all the latest Apple products and operating systems started having this problem, so that wasn’t the fix.

Prior to then, I was never locked out. There was a period of time when weeks went by without getting locked out, and I thought the problem got fixed in one of the iOS upgrades, but then the problem returned. I’ve noticed that I get locked out any time there is an iOS upgrade or some activity on the Apple System Status page. It isn’t exclusive to that, but it’s a guarantee that it will happen. Six months ago, it got really bad. I also noticed that, six months ago, my rescue email for my account started getting spam. I use that email address exclusively as my rescue email for my Apple account; nothing else. All of this may be a coincidence, but the coincidences are starting to pile up, making me believe this is something on Apple’s end that they have not yet fixed.

[Edited by Moderator]

Ok, I have 5 e-mail addresses (one Mac.com original one) and 2 phone numbers all under the Apple account. Any of these could be used as my Apple ID for login to AppleID.apple.com hence any of them could be being used to trigger Apple’s inferior security process.

are you saying I should abandon them all and change my phone numbers just because Apple doesn’t have their security act together?

Jim if your Apple ID is an iCloud account (or in my case an me.com address) only then it is not possible to change this address or change your Apple ID. My Apple ID and my email address are one service.

glitchNE wrote:

Bill,

I think you're absolutely right.

Apple ignores these discussions and we're left to our own to create a collaborative solution but unfortunately this has to be solved by Apple. This Apple ID I have doesn't have two factor authentication on it. If I thought that would fix the problem I'd add it but because Apple hasn't responded to these posts I worry that adding two factor authentication would just add a layer of complications to the problem and the problem would persist.

Apple does not respond to post here as this is a user to user support site. If you are looking for support from Apple directly, then you will need to contact them here.

Contact Apple for support and service - Apple Support

If you Apple ID is out there where others are attempting to guess the password and locks you out of your account, then create a new email address and change your Apple ID to this new email address. You can continue to use your previous email address, it just will no longer be your Apple ID.

Change your Apple ID - Apple Support

Yup, can confirm, happens to me too. At least the unlocking works fine.

They are not useful.

Apple's AppleID authentication system is vulnerable to end user Denial Of Service attacks on individual accounts. The result is the locked account issue we are discussing here. All someone has to do is create an automated script to try a password on an Apple ID multiple times in some area where there is no "are you a robot" style challenge and they can very effectively lock your account multiple times a day.

I just unlocked my account and based upon the prior 36 prior times, I expect it to be locked again shortly.

I suspect that if someone does an AppleID DOS on an exec at Apple this will get fixed 😉