Apple Migrating iOS 11 and macOS High Sierra Users With Two-Step Verification to Two-Factor Authentication

So... does that mean that those of us who use our Apple IDs with devices that remain on older OS versions will no longer be able to authenticate on those older devices if we upgrade any of the others?

I have an iPad 1 and an Apple TV 3, In order to authenticate Apple will send you the 4-digit access code, you will then need to type your usual password followed by the 4 numbers. Easy (:

I got that email last week and it was not at all clear what they were saying or what the difference is between the two methods. Very un-Apple.

This article makes it clear. I hope it's based on an updated form of the mail.

They only sent the one email. I received it too, and did some research into it. Glad it helps!

The location aspect is not very accurate. Everytime I login Apple thinks I'm London when I'm actually 200 miles away from London. Maybe it's the only UK city they know.

So... does that mean that those of us who use our Apple IDs with devices that remain on older OS versions will no longer be able to authenticate on those older devices if we upgrade any of the others?

There's a workaround for older devices. The instructions to authenticate are slightly different. Just pay attention at the prompt and make sure to understand it and then follow the instructions.

I got that email last week and it was not at all clear what they were saying or what the difference is between the two methods. Very un-Apple.

This article makes it clear. I hope it's based on an updated form of the mail.

I applaud Apple for implementing two-factor auth, but I wish they would use TOTP ('https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm') like all my other accounts (Microsoft, Google, Dropbox, and my employer). One program (Authy is my chosen app) rules them all.

This over authentication trend is tiresome. What is worse is when they assume that you have a cellphone. Not everyone has a cellphone and not everyone who has a cellphone has cell service at home. There are large swaths and many pockets of the USA without cell service. The US Social Security office now requires you to have a cellphone to do this sort of authentication where they text a code to your phone that you are then supposed to enter on your computer at their web site. There is no other way. I talked with their 'customer' service and they said that they're getting a lot of complaints about this and will fix it 'soon' but that was last year.

[USER=1019123]@rob_saunders[/USER] Apple doesn't use SMS to xfer 2fa codes. It uses your iCloud account to xfer codes to devices connected to your iCloud account.

I'm not in the dev beta but I experienced some serious two factor bugs this weekend on multiple devices and multiple Apple IDs. It was frustrating

You obviously didn't read my message. Land line? I already said I travel full time and don't have regular access to a sim. And "What does a SIM card have to do with this?" Obviously you didn't read the article either.

it doesn't use SMS like the old system, that's the point. You obviously don't know how this works.

If you read the article, you would have read this:

The two security methods are similar in many ways, but two-factor authentication automatically sends a six-digit verification code to all trusted devices registered to a given Apple ID, whereas two-step verification manually prompts users to send a four-digit code to any SMS-capable trusted device registered.

see, so SMS on the new system.

Many security authorities are coming out with advisories saying SMS is not a secure mechanism and recommending not to use it for two factor. Which it isn't... any security professional will tell you the same. It's just so easily flawed.

again, it doesn't use SMS, and you don't even need an internet for it to work. SMS is only a back up, that's it.

NIST just a few months ago declared the age of two factor with SMS as over and started putting pressure on regulatories to remove or discourage it - and here we have Apple classing it as a more secure feature. Lol. They really keep doing everything to prove they've lost touch lately.

you're right, again doesn't use SMS. But even if you use SMS, you rather use nothing than SMS?

Lastly, yes it's a migration to the new system but it also says 2fa is required to use many features of iCloud, so... we don't know what those are but I assume account administration and Apple Pay and what else? Is it really excusable to be locked out of a product you own and features it should be able to do because you don't happen to have a SIM card, or more likely, don't want your identity verification mechanism to be at the hands of some random phone company?

Apple isn't forcing you to do this. I think if you don't use the extra security that Apple offers, if anything happens to that persons Apple ID, they (the Apple ID holder) are held 100% liable for any changes and any issues.

2FA is needed for home kit, and to log into a Mac using an Apple Watch. I think that's it. So if you don't use that stuff, then don't use it at all. Again, an iPod touch does not have a SIM card. My iPad and MacBook doesn't have a SIM card either and I get the 6 digit code sent to them, again you didn't read the article. I just popped my SIM card out of my iPhone, logged into iCloud .com, and still got the 2nd factor sent to me over wifi.

Again, there is an option to get the 2nd factor without cell or internet on any trusted device. Settings > Apple ID > password and security > get a verification code and its right there.

So... enough said.

I seriously don't know what the big issue is. Do you log into iCloud all the time? I do maybe once a week, and it's not an issue. The only time you need the 2nd factor is when you get a new device or log into iCloud.com (and you can have the computer remember you if you want).