Two factor authentication driving me insane

Soldato
Joined
26 Aug 2003
Posts
24,280
I've got two issues with this at the moment and it's driving me insane!

First issue: My parent's Mac's drive failed. I've installed a new SSD, installed Lion from recovery (bootable USB refused to work with any OS I tried). I can't log them into their Apple ID because it won't send a code to my dad's phone. I find out dad's phone is on IOS7 (they're 100 miles away from where I live also), I get mum to update it, and now they can't get their Apple ID logged in on there either, because it wants to send a code to their Mac! So both devices are currently locked out of the Apple ID because of two factor authentication, and there doesn't appear to be any way out of this without going through account recovery with Apple.

Second issue: I had to use my Apple ID to get Sierra on their Mac, so I had to turn off two-factor. I don't have an iPhone any more and to use my iCloud email, I need to have two-factor and to get an app-specific password. Which is absurd in my opinion.

Anyway. I go to turn it back on after I've done this, and the code it texts to my phone doesn't work. It's 100% the right code - I had another one sent as well, same issue.

This exact same thing happened before their hard drive failed, on their account. The code came through, but would not register as the correct code. When I looked this up, it seems to be common and has been happening to people since 2016!

Two factor authentication is the biggest pain in the arse, security wise, I've ever had to deal with - I've been using Macs for something stupid like 14 years, exclusively for more than ten years, and in the last couple of years they just seem to be doing stupid, absurd things that don't benefit anyone.

Sorry about this incoherent rant, but I consider myself a die-hard Apple user, and I feel like I just can't be doing with them any more - they're losing the plot badly.

Can anyone actually advise me on what to do about either of these situations, or have I just got to have my parents phone Apple and recover the account?
 
Looks like they will have to, yes. I've just turned 2FA off and run through the setup to switch it on again to see what happens. It doesn't give you any backup codes for emergencies but it did ask for a recovery telephone number which probably doesn't help if the code they sent you isn't recognised. It's not a situation I've experienced but obviously it is happening to some out there. Can't offer any help sorry.
 
It's a crappy series of events, and I completely understand how you feel, I've been in these kinds of situations where I feel like nothing makes sense.

I'm pretty surprised that you could enable 2FA on your parents' account without an up-to-date iPhone. I didn't realise it was possible just with a Mac. Maybe the key problem right when you were going through all this was that Apple's SMS part of 2FA was acting up, and it will come right again at some point?

I've been using Apple's 2FA since it came out, and have never had any problems. I did have a minor issue a few weeks ago when I rebuilt my MacBook (I was dicking around with it quite a bit, installing, uninstalling), where it wouldn't let me sign in at the completion of the install, so after a couple of attempts I gave up and went to bed. The following morning it worked first time. So either some timeout or threshold got triggered, locking me out temporarily, or a key system of the 2FA infrastructure just happened to be broken that night when I was attempting to log in.

Given that your dad's phone was on iOS 7 (meaning he's not the type to be on top of IT stuff), I'd argue that he isn't a good candidate for 2FA, and it may be better just to turn it off. As long as he has a unique password that's reasonably good, he should be fine. I've not enabled 2FA on my wife's account for that reason, she is just too technologically "I do not care" for me to go through the hassle of giving her tech support every time she has an issue (I admit this is based on my assumption that she will have problems, and not on any experience). Apple was absolutely right in locking you out, you rebuilt the Mac from scratch, so it's no longer trusted, you then rebuilt the phone from scratch, now also not trusted. Any other result would mean the 2FA system isn't working properly. Unfortunate series of events, for sure, but from my understanding of what you explained, working as intended. The SMS portion should've worked though.

With regards to your account, you are fairly far outside of Apple's target audience (the Mac is no longer anywhere near the top of their list of priorities). If using an iCloud email account requires 2FA, then I would get rid of the iCloud account: set it up to forward to an outside account (e.g. outlook.com, or even better yet, get your own domain), and then you won't have to have 2FA enabled. It sounds like Apple hasn't put a lot of testing into the use-case of 2FA without an iPhone.

Did you get it all resolved in the end?
 
I know people say the Mac is not the top of Apple’s priorities but where the hell would they be without it? You can’t write Xcode apps without a Mac. Until they port Xcode to Windows, they should see Mac users as the Crown Jewels of their platforms.
 
I know people say the Mac is not the top of Apple’s priorities but where the hell would they be without it? You can’t write Xcode apps without a Mac. Until they port Xcode to Windows, they should see Mac users as the Crown Jewels of their platforms.
Completely agree — I don’t get it.
 
Back
Top Bottom