You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

I don't understand why my account is locked when there is no other evidence of compromise

This error message reads like a scam, and I am disinclined to change a perfectly good password when everything is in working order, I haven't gotten any 2FA alerts that someone is trying to log in, and my iCloud settings on my Mac shows that only the devices I know about have access.


To "unlock" my account says that I have to change my password by acting as though I've forgotten it. That is so suspicious. My password is not forgotten. If the URLs weren't clearly Apple, I'd be certain they were phishing attempts. I almost think they're phishing attempts anyway, in a manner that I don't understand.


However, it is blocking me from accessing my Apple developer account, too, so it's not something that I can ignore, much as I would like to.


What is, in fact, going on here?

MacBook Air 13″, macOS 13.4

Posted on Aug 19, 2023 11:08 PM

Reply
Question marked as Top-ranking reply

Posted on Aug 20, 2023 8:15 AM

Here is what to do: If your Apple ID is locked or disabled - Apple Support


If that is what you are encountering, it would seem the passwords might be somewhat less than “perfectly good” and quite possibly compromised, or that something benign happening locally (VPN usage maybe, or use of a stale password saved somewhere) is being detected as malicious activity.


Semi-related: might want to check the Apple password security recommendations for your accounts saved in Keychain, and update those as appropriate, too. If passwords are possibly being re-used, that works great right up until it doesn’t, and password reuse gets nasty in a hurry.

Similar questions

3 replies
Question marked as Top-ranking reply

Aug 20, 2023 8:15 AM in response to Derek Jones1

Here is what to do: If your Apple ID is locked or disabled - Apple Support


If that is what you are encountering, it would seem the passwords might be somewhat less than “perfectly good” and quite possibly compromised, or that something benign happening locally (VPN usage maybe, or use of a stale password saved somewhere) is being detected as malicious activity.


Semi-related: might want to check the Apple password security recommendations for your accounts saved in Keychain, and update those as appropriate, too. If passwords are possibly being re-used, that works great right up until it doesn’t, and password reuse gets nasty in a hurry.

Aug 20, 2023 12:15 PM in response to MrHoffman

Thanks for the tips! As it turned out, when I followed the flow, all I had to do was use one of my Apple devices to confirm the unlock, like a 2FA challenge. I didn't have to change my password (which is unique and long).


Other sources suggested that even unsuccessful attempts to log in (i.e., wrong password) can cause this condition, which makes more sense to me.


I still would have preferred some indicator on my Mac's iCloud settings, to confirm that what the web page was telling me was legitimate. The phishing attempts I get in my mailbox are getting very sophisticated lately.

Aug 20, 2023 1:30 PM in response to Derek Jones1

Derek Jones1 wrote:

…Other sources suggested that even unsuccessful attempts to log in (i.e., wrong password) can cause this condition, which makes more sense to me.


That’s the “stale passwords” I’d mentioned. Anything that reeks of a brute-force attack can lock the target, whether that traffic might originating from your own (misconfigured) stuff or from some other entity.


One of the ISPs I deal with has a hair-trigger block, and it doesn’t age out. It only clears with a support ticket.


I still would have preferred some indicator on my Mac's iCloud settings, to confirm that what the web page was telling me was legitimate. The phishing attempts I get in my mailbox are getting very sophisticated lately.


The phishing that many of us are getting. For those of us not yet getting the spear-phishing. “Fun” times.

I don't understand why my account is locked when there is no other evidence of compromise

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.