Starting on February 27, Apple will be requiring all developers to have two-factor authentication enabled for their Apple IDs, with two-factor necessary for signing into Developer accounts after that date.
Apple today told developers via email that the requirement is being implemented to help keep developer accounts more secure and to make sure that no third-parties can access a developer account.
/article-new/2019/02/appledevaccount2factor-800x382.jpg?lossy)
Developers who do not have two-factor authentication enabled for their Apple IDs will need to turn it on by February 27.
Two-factor authentication can be enabled on an iPhone or Mac by following Apple's instructions. Once enabled, a verification code from a trusted device will be required when logging in to a developer account.
Top Rated Comments
On your Mac, create a new user account. Set up that account to use your developer iCloud account. You will be prompted to turn on 2factor. Do so. Give it your phone number. When it’s done. Remove the user account.
Now, when you are prompted for 2factor, click the “I didn’t receive a code” link, and you can choose to send a code to your phone.
Due to turnover and the account being tied to a large organization, the "owner" of the account is more of a role account, and not really tied to an individual with a particular number/device.
IMO if Apple really wants to enforce two factor, they need to offer more two-factor options or account for role-based accounts in a better way. This is going to be anywhere from a huge PITA to a nightmare. :(
This is extremely problematic for my use-case. I'm the Apple Developer/Connect admin for a very large organization that publishes multiple apps from multiple developers/app managers under our license.
I know, the first thing I thought when I read this was "Who the hell uses their personal Apple ID for a dev account?"Due to turnover and the account being tied to a large organization, the "owner" of the account is more of a role account, and not really tied to an individual with a particular number/device.
IMO if Apple really wants to enforce two factor, they need to offer more two-factor options or account for role-based accounts in a better way. This is going to be anywhere from a huge PITA to a nightmare. :(
Apple needs to allow for receiving two factor codes for multiple Apple IDs on one device, otherwise this is going to piss people the hell off.
Since you all are using a secondary iCloud account, like me, here’s the trick:
Also, if you log off the account prior to removing the user, OR you remove the device in appleid.apple.com, then you don’t have to click a link each time. You will receive an iMessage each time you need to provide a code.On your Mac, create a new user account. Set up that account to use your developer iCloud account. You will be prompted to turn on 2factor. Do so. Give it your phone number. When it’s done. Remove the user account.
Now, when you are prompted for 2factor, click the “I didn’t receive a code” link, and you can choose to send a code to your phone.
For our company account, NOBODY logs in to an Apple device using that ID. That will apply for most companies. Fortunately, need to log in with that account is minimal, since each developer uses their own linked account. When somebody DOES log in (to accept terms and conditions, to pay the yearly bill, etc. etc.) it will be different people who have access to the password.
The phone number goes to a VOIP line.
My own developer account is separate from the account that I log in to my Mac and iDevices with. Because I thought that was a Good Idea. At least I can verify by SMS.
But of course, SMS is a TERRIBLE way to do 2-factor authentication.
If they want to get serious, allow 2-factor with a dongle. And allow multiple dongles to be registered per account.
The options available to solve this issue are all pretty bad.