Apple Sued Over Not Letting Customers Disable Two-Factor Authentication After Two Weeks

Basis is that the purchaser has "title and ownership" of the device. I take note you interject that Title 17 "copyright law" is applicable. I suspect that it will be ruled not to be applicable if Apple attorneys are brazen enough to open the lid on that steaming pile. Owner cannot be "compelled" to do anything with their device under current U.S. law. California, or other states, may have laws covering this.

"macrumors.com" should not utilize technical legal phrasing. Especially without a statement revealing it to be their personal "uninformed opinion" and "not based upon published ruling."

 

Suing is prob. the only way the person would be able to turn it off in future. Apple's probably not going to allow it to be turned off otherwise.

If Apple makes it opt-out for new devices, and a few people turn it off, they chose to accept responsibility (they can prompt you to agree).

 

Okay, can you clarify that? Because Apple IS sending the "allow"/"don't allow" dialogue TO THE MAC I'M ON. I click "allow", and it gives me a code to put on the web page ON THAT MAC. Code and place to put it on the same machine. I usually have to move the window WITH the code out of the way of the window that WANTS the code.

And this is all of course on a Safari browser that has been authenticated (and "trusted") fifty times already on that same Mac.

 

Yes this is correct actually, although still somewhat confusing.

 

OK, let me try
You can log with Apple ID from any device.
With two step verification you can not do that.
Only from devices you added to trusted devices where you will get the code.
You can log in with someones laptop, as long you have one of your trusted devices with you to get the code.

 

Criminals are everywhere doing criminal things that won’t change.

 

Edit:

Pointless debate....

 

Not true. There is no criminal behind my sofa. Just mismatched socks. So not everywhere.

 

Haha, are you really really sure? Have you looked? Perhaps that is why you only have mismatched socks left.

 

Not a good analogy. Your locksmith isn’t in control of your lock. You can do what you want with your lock, your door, and your house. Unlike the Apple situation where you could be locked out of your own content that you paid for. In your analogy, it would be like the locksmith keeping you from getting into your house and accessing your stuff ever again.

Not comparable. If I forget my password and lose my ATM card, I can go to the bank and resolve it and still have access to my money. In this situation you lose two things and you are shut out of your stuff.

--- Post Merged, Feb 11, 2019 at 7:05 PM ---

Is it your building that you paid for and own?

--- Post Merged, Feb 11, 2019 at 7:23 PM ---

If you were merly renting your iphone from Apple like renting that apartment, your analogy might be more accurate. But not if you bought it.

 

Do you own Apple's servers and the Apple ID? I OWN my servers in the data center. It should be my choice to lower the security as I do not care if someone comes in and takes my servers.

This is the same situation. Your Apple ID is yours, but it is on Apple's servers and Apple's environment.

 

Sounds like you are renting a space in the data center. That’s a different situation than the phone you own. You can separate your servers from the data center if you do not like the policy whereas an iphone that is your property cannot be separated from Apple’s 2FA policy after the two week period that people aren’t even informed of ahead of time. That’s the point.

I really don’t see why some here are so bent out of shape over someone wanting to turn something off. Obviously it is not a technical problem as they can and do reverse it within an arbitrary two week period. So a customer should be able to turn it off later if they want. It doesn’t impact you.

 

Yep... and I respect that! "Enforcing" 2FA in this way will surely reduce the number of security breaches since they have millions and millions of customers.

 

The only ones who oppose the 2FA are Scammers and Hackers.

 

Yes it does impact me. This will set a precedent allowing just a random Joe on the street to control how a program or business operates just by filing a lawsuit for not liking something. I wouldn't want someone getting on my account and disabling two-factor authentication and re-enabling it for just their devices. They should NOT allow it to be turned off for security reasons.

So how about whenever I log in to my credit card website on a new browser or new computer, I am asked for my security code and expiration date for multiple verification? That takes up my time too.

 

Actually wondering when will the online banking introduce the 2 step verification.
After all it is a very clever way of protecting my account.
Right now they only pester you if you change the computer or the browser.

 

So you’re saying you bought iCloud?
And apple didn’t give you the keys to it?
Because I just bought a phone and I don’t need 2 factor authentication to unlock it.

 

It is simple
If you want to use Apple service it requires 2 step verification
End of Story.

 

Apparently not that simple since there are people who use the services without that, and even Apple allows people not to use it or to stop using it within an arbitrary period of two weeks.

 

Why are you taking the conversation into a different direction? Of course not. That is a silly comment. But, if you want to change a setting on YOUR phone, that causes certain interactions on YOUR phone that you do not want, you cannot turn it off. Worse, if you lose your ability to authenticate, you lose access to the things you bought and paid for. This is for people that have turned it on, or had it forced upon them through an osx upgrade. If you didn’t turn it on and never will, bully for you. Then this entire matter is not a concern to you.

It literally does not impact you. Your coulda woulda maybe scenarios, aren’t realistic and seem like fearmongering. How is someone going to get into your account and disable two factor? Are you totally pissed that for two weeks it can be disabled now?

I am really amazed at the lengths people will go to to defend Apple no matter what they do.There’s no reason why such an ability could not be set on an account by account basis. You never want 2 factor revoked on your account...fine. Done! Locked in stone forever. Meanwhile other accounts can have different choices.

 

So what is the problem then ?
You can be without it or with it.
The choice is yours.

 

The same nimrods will then complain - and sue - when they're locked out of a raft of features that Apple will necessarily switch off for security reasons when the user chooses to disable 2FA.
Apple has a duty of care and responsibility to the services they provide, to protect them from attack and misuse.

EDIT: These are also the same numbskulls who would sue Apple for not protecting their details when their phone gets compromised because they turned off 2FA. America's litigious, personal responsibilty-shirking culture is well known around the world.

 

Seems like what's under discussion is what's across more than a dozen pages in this thread.

 

So for some unknown reason Apple does not let you get out of it after 2 weeks probation period.
And people are all upset about that, but they did sign up in first place.
So what happens if Apple let you sign out of the 2FA and your Apple ID account gets hacked.
Will you blame Apple, or sue them ?

 

Perhaps. Probably. I still stand by my comment--users should have the choice.

There is genuine utility in not having 2FA on an account. I do not have it on for certain family members because I do not want their devices having a passcode because they would end up locking themselves out. That outweighs having to deal with 2FA for me since there's nothing of actual value in their account except some saved game info.