Turning off 2 factor authentication

[doogald]

Yup thanks, just too tiny on an iPhone, it's nice having an iPad for things like this.

It's really not bad on an iPhone, either.

 

[anon(9721108)]

It's really not bad on an iPhone, either.
View attachment 117674

I'm on my iPhone 7 and I can't see your pic. I'm using the iMore app

 

[doogald]

I'm on my iPhone 7 and I can't see your pic. I'm using the iMore app

Dropbox link: https://www.dropbox.com/s/jxnxz3xs4saqg97/IMG_0046.jpg?dl=0

 

[anon(9721108)]

Oh and another thing I read is that I might have to create 3 new security questions, so maybe it's just easier to use phone verification after all for 2fa

 

[doogald]

Oh and another thing I read is that I might have to create 3 new security questions, so maybe it's just easier to use phone verification after all for 2fa

It's not might - you will have to create three security questions and answers. This is, of course, Apple's way to protect both you and they after the famous hack of Matt Honan's accounts, including his Apple ID, a few years ago.

 

[anon(9721108)]

Speaking about security aspects, I started using Keychain today. I went through Safari, Passwords and put about 16 apps usernames and PW's in there. I like how even if I loan my phone to someone to make a call the PW's are fingerprint protected. I just hope there is never some big hack on iCloud because it seems to happen occasionally.

For one entry I didn't enter it correctly and it removed it. So am I to understand that it knows if you entered the PW wrong that it will not allow it to be stored in Keychain, or just a mistake I made?

 

[doogald]

Speaking about security aspects, I started using Keychain today. I went through Safari, Passwords and put about 16 apps usernames and PW's in there. I like how even if I loan my phone to someone to make a call the PW's are fingerprint protected. I just hope there is never some big hack on iCloud because it seems to happen occasionally.

That shouldn't matter. From Apple's iOS Security Guide (http://images.apple.com/euro/privacy/d/generic/docs/iOS_Security_Guide.pdf ):

While the user’s keychain database is backed up to iCloud, it remains protected by a UID-tangled key. This allows the keychain to be restored only to the same device from which it originated, and it means no one else, including Apple, can read the user’s keychain items.

Somebody could steal the database but it would be useless to them without cracking the AES encryption, which should take many centuries at best. If they want your passwords, it would probably be easier to use some sort of phishing attack to make you try to log in somewhere without realizing that you are at the wrong site.

 

[anon(9721108)]

Ah Yeah. Another thing I noticed is that when I set up about 16 different keychain passwords on the iPhone, at the same time I had keychain turned off on the iPad air, but it still put five of those on the iPad. No idea why five of them. But I simply deleted them off the iPad because I don't need them there. Also my iPad is only a four digit passcode and a couple of my friends know the passcode so that they can use it when we're together so as long as I keep them on the iPhone that's fine protected by fingerprint.

 

[Ledsteplin]

Ah Yeah. Another thing I noticed is that when I set up about 16 different keychain passwords on the iPhone, at the same time I had keychain turned off on the iPad air, but it still put five of those on the iPad. No idea why five of them. But I simply deleted them off the iPad because I don't need them there. Also my iPad is only a four digit passcode and a couple of my friends know the passcode so that they can use it when we're together so as long as I keep them on the iPhone that's fine protected by fingerprint.

Are those you deleted off the iPad still on the phone?

 

[anon(9721108)]

Are those you deleted off the iPad still on the phone?

Yes they are still all on the iPhone

 

[facecard]

I have an iPhone 7 Plus and I have two factor authentication turned off. I understand what it is and the reason behind it but I think it is unnecessary for this feature. For some people, it might be useful but for me I don't need authenticate myself each time I sign in to a Mac or device.

 

[doogald]

I have an iPhone 7 Plus and I have two factor authentication turned off. I understand what it is and the reason behind it but I think it is unnecessary for this feature. For some people, it might be useful but for me I don't need authenticate myself each time I sign in to a Mac or device.

That’s really not what it’s for. If your Apple ID password is somehow stolen, guessed, or social engineered, with two-factor authentication and without access to one of your authenticated devices, the person who has your credentials will still not be able to log in to your iCloud account and change your password, erase your device with Find my iPhone, etc.

 

[Rob Phillips]

That’s really not what it’s for. If your Apple ID password is somehow stolen, guessed, or social engineered, with two-factor authentication and without access to one of your authenticated devices, the person who has your credentials will still not be able to log in to your iCloud account and change your password, erase your device with Find my iPhone, etc.

This. Anyone who thinks two-factor authentication is unnecessary—especially with something as important as an Apple ID—probably needs help understanding what it is. I personally can’t stand when web sites and apps that store my personal information don’t offer it. Anyway, here’s a nice article that outlines what two-factor authentication is, why it’s important, and even details many of the sites and apps that offer it:
https://www.imore.com/two-factor-authentication