I've thought the Apple platform has two glaring omissions

- touchid and biometric configuration profiles (standard, paranoid, extra paranoid)

- versioning for icloud backup

The simple fact is that there is no one-sized-fits-all use case for this.

Biometrics are great for the average user! They reduce shoulder surfing and increase security.

But for some users, you might want two factor for biometrics (such as an apple watch), or short windows before password entry is forced. You might want both biometrics AND password entry required. You might want to enable biometrics only when two factor is enabled.

Look, I'm not saying that what I've said is the ideal setup, by the way. Just that there is a lot of room for improvement versus the status quo.