Apple Sued Over Not Letting Customers Disable Two-Factor Authentication After Two Weeks

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Feb 9, 2019.

  1. Tooldog macrumors newbie

    Tooldog

    Joined:
    Apr 7, 2017
    #401
    Basis is that the purchaser has "title and ownership" of the device. I take note you interject that Title 17 "copyright law" is applicable. I suspect that it will be ruled not to be applicable if Apple attorneys are brazen enough to open the lid on that steaming pile. Owner cannot be "compelled" to do anything with their device under current U.S. law. California, or other states, may have laws covering this.

    "macrumors.com" should not utilize technical legal phrasing. Especially without a statement revealing it to be their personal "uninformed opinion" and "not based upon published ruling."
     
  2. spullum macrumors newbie

    Joined:
    Aug 9, 2012
    #402
    Suing is prob. the only way the person would be able to turn it off in future. Apple's probably not going to allow it to be turned off otherwise.

    If Apple makes it opt-out for new devices, and a few people turn it off, they chose to accept responsibility (they can prompt you to agree).
     
  3. Kastellen macrumors member

    Joined:
    Apr 25, 2014
    #403
    Okay, can you clarify that? Because Apple IS sending the "allow"/"don't allow" dialogue TO THE MAC I'M ON. I click "allow", and it gives me a code to put on the web page ON THAT MAC. Code and place to put it on the same machine. I usually have to move the window WITH the code out of the way of the window that WANTS the code.

    And this is all of course on a Safari browser that has been authenticated (and "trusted") fifty times already on that same Mac.
     
  4. IG88 macrumors 6502

    IG88

    Joined:
    Nov 4, 2016
    #404
    Yes this is correct actually, although still somewhat confusing.
     
  5. Ruskes macrumors regular

    Ruskes

    Joined:
    Jan 4, 2019
    #405
    OK, let me try
    You can log with Apple ID from any device.
    With two step verification you can not do that.
    Only from devices you added to trusted devices where you will get the code.
    You can log in with someones laptop, as long you have one of your trusted devices with you to get the code.
     
  6. Ladybug macrumors 68000

    Ladybug

    Joined:
    Apr 13, 2006
    #406
    Criminals are everywhere doing criminal things that won’t change.
     
  7. gavroche, Feb 11, 2019 at 5:44 PM
    Last edited: Feb 11, 2019 at 6:23 PM

    gavroche macrumors 65816

    gavroche

    Joined:
    Oct 25, 2007
    Location:
    Left Coast
    #407
    Edit:

    Pointless debate....
     
  8. cmaier macrumors G4

    Joined:
    Jul 25, 2007
    Location:
    California
    #408
    Not true. There is no criminal behind my sofa. Just mismatched socks. So not everywhere.
     
  9. Ladybug macrumors 68000

    Ladybug

    Joined:
    Apr 13, 2006
    #409
    Haha, are you really really sure? Have you looked? Perhaps that is why you only have mismatched socks left. :D
     
  10. MadeTheSwitch macrumors 6502a

    MadeTheSwitch

    Joined:
    Apr 20, 2009
    #410
    Not a good analogy. Your locksmith isn’t in control of your lock. You can do what you want with your lock, your door, and your house. Unlike the Apple situation where you could be locked out of your own content that you paid for. In your analogy, it would be like the locksmith keeping you from getting into your house and accessing your stuff ever again.

    Not comparable. If I forget my password and lose my ATM card, I can go to the bank and resolve it and still have access to my money. In this situation you lose two things and you are shut out of your stuff.
    --- Post Merged, Feb 11, 2019 at 7:05 PM ---
    Is it your building that you paid for and own?
    --- Post Merged, Feb 11, 2019 at 7:23 PM ---
    If you were merly renting your iphone from Apple like renting that apartment, your analogy might be more accurate. But not if you bought it.
     
  11. xWhiplash macrumors 68000

    Joined:
    Oct 21, 2009
    #411
    Do you own Apple's servers and the Apple ID? I OWN my servers in the data center. It should be my choice to lower the security as I do not care if someone comes in and takes my servers.

    This is the same situation. Your Apple ID is yours, but it is on Apple's servers and Apple's environment.
     
  12. MadeTheSwitch macrumors 6502a

    MadeTheSwitch

    Joined:
    Apr 20, 2009
    #412
    Sounds like you are renting a space in the data center. That’s a different situation than the phone you own. You can separate your servers from the data center if you do not like the policy whereas an iphone that is your property cannot be separated from Apple’s 2FA policy after the two week period that people aren’t even informed of ahead of time. That’s the point.

    I really don’t see why some here are so bent out of shape over someone wanting to turn something off. Obviously it is not a technical problem as they can and do reverse it within an arbitrary two week period. So a customer should be able to turn it off later if they want. It doesn’t impact you.
     
  13. Zwhaler macrumors 604

    Zwhaler

    Joined:
    Jun 10, 2006
    #413
    Yep... and I respect that! "Enforcing" 2FA in this way will surely reduce the number of security breaches since they have millions and millions of customers.
     
  14. Ruskes, Feb 11, 2019 at 9:05 PM
    Last edited: Feb 11, 2019 at 9:51 PM

    Ruskes macrumors regular

    Ruskes

    Joined:
    Jan 4, 2019
    #414
    The only ones who oppose the 2FA are Scammers and Hackers.
     
  15. xWhiplash macrumors 68000

    Joined:
    Oct 21, 2009
    #415
    Yes it does impact me. This will set a precedent allowing just a random Joe on the street to control how a program or business operates just by filing a lawsuit for not liking something. I wouldn't want someone getting on my account and disabling two-factor authentication and re-enabling it for just their devices. They should NOT allow it to be turned off for security reasons.

    So how about whenever I log in to my credit card website on a new browser or new computer, I am asked for my security code and expiration date for multiple verification? That takes up my time too.
     
  16. Ruskes macrumors regular

    Ruskes

    Joined:
    Jan 4, 2019
    #416
    Actually wondering when will the online banking introduce the 2 step verification.
    After all it is a very clever way of protecting my account.
    Right now they only pester you if you change the computer or the browser.
     
  17. flygbuss macrumors 6502

    flygbuss

    Joined:
    Jul 22, 2018
    Location:
    Stockholm, Sweden
    #417
    So you’re saying you bought iCloud?
    And apple didn’t give you the keys to it?
    Because I just bought a phone and I don’t need 2 factor authentication to unlock it.
     
  18. Ruskes macrumors regular

    Ruskes

    Joined:
    Jan 4, 2019
    #418
    It is simple
    If you want to use Apple service it requires 2 step verification
    End of Story.
     
  19. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #419
    Apparently not that simple since there are people who use the services without that, and even Apple allows people not to use it or to stop using it within an arbitrary period of two weeks.
     
  20. MadeTheSwitch macrumors 6502a

    MadeTheSwitch

    Joined:
    Apr 20, 2009
    #420
    Why are you taking the conversation into a different direction? Of course not. That is a silly comment. But, if you want to change a setting on YOUR phone, that causes certain interactions on YOUR phone that you do not want, you cannot turn it off. Worse, if you lose your ability to authenticate, you lose access to the things you bought and paid for. This is for people that have turned it on, or had it forced upon them through an osx upgrade. If you didn’t turn it on and never will, bully for you. Then this entire matter is not a concern to you.

    It literally does not impact you. Your coulda woulda maybe scenarios, aren’t realistic and seem like fearmongering. How is someone going to get into your account and disable two factor? Are you totally pissed that for two weeks it can be disabled now?

    I am really amazed at the lengths people will go to to defend Apple no matter what they do.There’s no reason why such an ability could not be set on an account by account basis. You never want 2 factor revoked on your account...fine. Done! Locked in stone forever. Meanwhile other accounts can have different choices.
     
  21. Ruskes macrumors regular

    Ruskes

    Joined:
    Jan 4, 2019
    #421
    So what is the problem then ?
    You can be without it or with it.
    The choice is yours.
     
  22. batchtaster, Feb 11, 2019 at 10:41 PM
    Last edited: Feb 11, 2019 at 10:48 PM

    batchtaster macrumors 65816

    Joined:
    Mar 3, 2008
    #422
    The same nimrods will then complain - and sue - when they're locked out of a raft of features that Apple will necessarily switch off for security reasons when the user chooses to disable 2FA.
    Apple has a duty of care and responsibility to the services they provide, to protect them from attack and misuse.

    EDIT: These are also the same numbskulls who would sue Apple for not protecting their details when their phone gets compromised because they turned off 2FA. America's litigious, personal responsibilty-shirking culture is well known around the world.
     
  23. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #423
    Seems like what's under discussion is what's across more than a dozen pages in this thread.
     
  24. Ruskes macrumors regular

    Ruskes

    Joined:
    Jan 4, 2019
    #424
    So for some unknown reason Apple does not let you get out of it after 2 weeks probation period.
    And people are all upset about that, but they did sign up in first place.
    So what happens if Apple let you sign out of the 2FA and your Apple ID account gets hacked.
    Will you blame Apple, or sue them ?
     
  25. Dave-Z macrumors 6502a

    Joined:
    Jun 26, 2012
    #425
    Perhaps. Probably. I still stand by my comment--users should have the choice.

    There is genuine utility in not having 2FA on an account. I do not have it on for certain family members because I do not want their devices having a passcode because they would end up locking themselves out. That outweighs having to deal with 2FA for me since there's nothing of actual value in their account except some saved game info.
     

Share This Page