New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Sued Over Not Letting Customers Disable Two-Factor Authentication After Two Weeks

New York resident Jay Brodsky has filed a frivolous class action lawsuit against Apple, alleging that the company's so-called "coercive" policy of not letting customers disable two-factor authentication beyond a two-week grace period is both inconvenient and violates a variety of California laws.


The complaint alleges that Brodsky "and millions of similarly situated consumers across the nation have been and continue to suffer harm" and "economic losses" as a result of Apple's "interference with the use of their personal devices and waste of their personal time in using additional time for simple logging in."

In a support document, Apple says it prevents customers from turning off two-factor authentication after two weeks because "certain features in the latest versions of iOS and macOS require this extra level of security":
If you already use two-factor authentication, you can no longer turn it off. Certain features in the latest versions of iOS and macOS require this extra level of security, which is designed to protect your information. If you recently updated your account, you can unenroll for two weeks. Just open your enrollment confirmation email and click the link to return to your previous security settings. Keep in mind, this makes your account less secure and means that you can't use features that require higher security.
The complaint is riddled with questionable allegations, however, including that Apple released a software update around September 2015 that enabled two-factor authentication on Brodsky's Apple ID without his knowledge or consent. Apple in fact offers two-factor authentication on an opt-in basis.

Brodsky also claims that two-factor authentication is required each time you turn on an Apple device, which is false, and claims the security layer adds an additional two to five minutes or longer to the login process when it in fact only takes seconds to enter a verification code from a trusted device.

The complaint goes on to allege that Apple's confirmation email for two-factor authentication enrollment containing a "single last line" alerting customers that they have a two-week period to disable the security layer is "insufficient."


Brodsky accuses Apple of violating the U.S. Computer Fraud and Abuse Act, California's Invasion of Privacy Act, and other laws. He, on behalf of others similarly situated, is seeking monetary damages as well as a ruling that prevents Apple from "not allowing a user to choose its own logging and security procedure." Read the full document.



Top Rated Comments

(View all)

11 weeks ago
Yea, it's such a pain having to remember my PIN too. The ATM should just give me money.
Rating: 87 Votes
11 weeks ago
*rolls eyes*

So stupid lol.
Rating: 49 Votes
11 weeks ago
Seems if people want to disable this and stupidly reduce their personal security, it should be their right.
Rating: 33 Votes
11 weeks ago
I think this is great, actually.

To be clear, I do think two-factor authentication is much more secure (obviously). But I hate that Apple is so determined to force its users into using it. If someone doesn't want it then they have the right to disable it. Plain and simple. Our devices and accounts should be ours to control.
Rating: 26 Votes
11 weeks ago
While the plaintiff might have some stupid points, I do agree that enabling or disabling two-factor should be the user's choice.
Rating: 26 Votes
11 weeks ago


New York resident Jay Brodsky has filed a frivolous class action lawsuit against Apple, alleging that the company's so-called "coercive" policy of not letting customers disable two-factor authentication beyond a two-week grace period is both inconvenient and violates a variety of California laws.


Without commenting on the merits of this case, I'd prefer that the MacRumors team not editorialize like this. Leave that to the pundits. Share the facts and leave it at that.

We can come to our own conclusions, thankyouverymuch. o_O
Rating: 25 Votes
11 weeks ago
I’m just going to sue apple for feature requests now. The phone icon is prejudiced against young people who aren’t familiar with what a telephone looks like. It’s ageist and insensitive. Now give us all three cents for the emotional damage this has caused us.
Rating: 25 Votes
11 weeks ago

I'm sure it can be disabled

I’m pretty sure you can’t. My mom wanted it off because she doesn’t have a second device and she ended up just linking it to my sisters phone
Rating: 20 Votes
11 weeks ago
"and millions of similarly situated consumers across the nation have been and continue to suffer harm"

i highly doubt this.
Rating: 18 Votes
11 weeks ago
Two-factor authentication is tough, but easily learned to speed use.

It is tough, so is driving safely - yet we manage. Lawsuit?
Rating: 17 Votes

[ Read All Comments ]