So has anyone figured out the reason why you can not sign out of it after 2 weeks probation period?
Is it technical, legal, or just to annoy us.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Sued Over Not Letting Customers Disable Two-Factor Authentication After Two Weeks
- Thread starter MacRumors
- Start date
- Sort by reaction score
Is it technical, legal, or just to annoy us.
Because Apple doesn't want users turning it off. It really is more secure to have it on. I use it on important accounts, but children, elderly, completely inept individuals can benefit by not having it on in certain circumstances.
If someone asked me if they should use it, I would say, "Yes," but there certainly are some circumstances where being able to turn it off would be nice.
Because you made it look like you own the service. Most people use the free iCloud storage, so they don’t even pay for it. In addition to that you keep pretending that someone locked you out which isn’t the case at all. The access is just a little less convenient. As I stated before some important features like find my iPhone provided via iCloud are still accessible with just your credentials even if 2 factor authentication is activated. And not sharing your opinion doesn’t make my posts silly. I’m not judging you for your ignorance either.
I totally get the frustration about not being able to deactivate 2 FA, but please stick to the facts. You make it look like Apple took something away from you.
[doublepost=1549960405][/doublepost]Can you be more specific which iPhone settings are actually connected to 2FA?
Because I mostly have those requests on one of my macs if I access the AppStore or iCloud settings.
This is an honest question, I just checked some iCloud settings on my phone and I could do so without authenticating again.
This impacts me far more than Apples 2FA. Banking sites I regularly use on my iPhone constantly act like I'm using the device for the first time (private browsing not on, cookies allowed). and it asks me challenge questions that are not particularly difficult to guess (first country visited for someone in the US... probably 90% going to be either México or Canada). Usually they don't give you a lot of options for security questions... and someone willing to do a little research can find out most answers. City born, mothers maiden name, city you honeymooned in, first school... etc.
I love: 'What was your first car?' and 'What is the name of your first pet?' Sorry for OT..
It's cute how everyone in this thread feels the need to pile on to the plaintiff, the lawyers, all lawyers everywhere, and everyone who wants full control over their devices.
The fact is, though, that plenty of people don't want or don't need two-factor authentication.
Also, Apple's implementation sucks. I often only have a single Apple device on me, and having to go find my iPad so that I could log into my laptop means that my laptop will often be unusable. The last I checked they couldn't figure out how to use a phone call / SMS to do 2FA, which is something that Google, Amazon, Github, etc. have all figured out years ago.
It also interferes with our corporate software stack that is required for all employees.
I don't think this guy is asking too much. He just wants to be able to disable this feature that Apple has forced on people and then imposed an arbitrary and short time limit on disabling it. If Apple wants people to use it then they need to fix it.
[doublepost=1549983385][/doublepost]
Neither of those things are true.
[doublepost=1549983516][/doublepost]
Is it so hard to imagine that other people might have other needs? He told you that he doesn't always have his phone on him. Why should he have to have it to use his computer or iPad?
You're the kind of person that people think about when they complain about Apple users. Get a little empathy, for God's sake.
The fact is, though, that plenty of people don't want or don't need two-factor authentication.
Also, Apple's implementation sucks. I often only have a single Apple device on me, and having to go find my iPad so that I could log into my laptop means that my laptop will often be unusable. The last I checked they couldn't figure out how to use a phone call / SMS to do 2FA, which is something that Google, Amazon, Github, etc. have all figured out years ago.
It also interferes with our corporate software stack that is required for all employees.
I don't think this guy is asking too much. He just wants to be able to disable this feature that Apple has forced on people and then imposed an arbitrary and short time limit on disabling it. If Apple wants people to use it then they need to fix it.
[doublepost=1549983385][/doublepost]
Neither of those things are true.
[doublepost=1549983516][/doublepost]
Is it so hard to imagine that other people might have other needs? He told you that he doesn't always have his phone on him. Why should he have to have it to use his computer or iPad?
You're the kind of person that people think about when they complain about Apple users. Get a little empathy, for God's sake.
So just don't answer the question. Make your own answer. Then use your password manager to record the answer(s).
e.g. "Mother's maiden name" -> "5329 Walnut Street" (Your house address)
e.g. "Favorite flavor of ice cream" -> "Androids Rule iPhones drool"
e.g. "First employer" -> "It's all about the Pentiums!"
This way the answer is unique and can't be guessed. Two-step or 2FA would be better - but until your bank does... it's better then being able to guess the answer.
I don’t know what you’re talking about, but one trusted device is enough to easily receive the code and access iCloud. Doesn’t matter if it’s the phone or the Mac. And to just log into one of your devices 2 FA is not required at all.
So explain how this is worthy of a lawsuit instead of just submitting a request? This is what I have an issue with. Don’t like this button on the Windows 10 UI? Lawsuit!
This is just like me needing to provide part of my credit card details when I log in to a new computer. I already have a username and password. Why am I forced to enter my card details too? Is this now worthy of a lawsuit instead of just requesting this be optional?
I really don’t mind people requesting things. It’s the “lawsuit” that bothers me.
Last edited:
It's worthy of a lawsuit because Apple refuses to change their policy. Check out the support forums: https://discussions.apple.com/search?q=turn+off+two-factor+authentication
No one can make Apple change. They have implemented a good feature in a terrible way and then they've restricted who can turn it off and when. If it breaks then you lose access to your AppleID entirely, and the only way to get into the account is through the recovery key. If you've lost the recovery key then there's nothing anyone can do.
That's a user-hostile approach. Apple could choose to do the right thing, but they haven't and they most likely won't.
You just did with that comment.
How can you say you get the frustration about not being able to deactivate and then right after act like Apple didn’t take something away from people? Those two sentiments cannot exist in the same space. Obviously Apple has taken away choice and the ability to change something if someone wants here. Maybe you don’t care about that, but that doesn’t mean others don’t. Choice is always good. Why anyone would want a corporation to make a choice for them that is irreversible (without telling you) is a mystery.
You just did with that comment.
How can you say you get the frustration about not being able to deactivate and then right after act like Apple didn’t take something away from people? Those two sentiments cannot exist in the same space. Obviously Apple has taken away choice and the ability to change something if someone wants here. Maybe you don’t care about that, but that doesn’t mean others don’t. Choice is always good. Why anyone would want a corporation to make a choice for them that is irreversible (without telling you) is a mystery.
Perhaps he did not mean that they didn't take away choice... but that you/we/us don't own the software, and the service, and have no expectation or say in what security decisions they make. We didn't create it, we didn't fund it, we don't operate it. We use it. What form of ownership over those decisions are you claiming to have? Are you saying that by choosing the use their services, you thus gain ownership of those decisions?
[doublepost=1549997240][/doublepost]
Agreed. Macrumors should pause/freeze this thread... and reopen it in a couple years, to see how people's perspectives have changed. My hunch is pretty much most or all services of any prominence will be using 2FA... people will have to get used to it.
edit: and does anyone find it annoying to so often hear the "my grandmother can't understand it" argument. Should we really base our security on the lowest common denominator in terms of comprehension. This would result in the least effective security imaginable. I get that its harder for grandparents to understand. I go in a nursing homes a lot, and to keep people from accidentally wandering off premises, the doors are locked, and have a number pad to get out. They put a little sign there, that tells you what code to punch to open the door. So it might have a couple colors, with number next to them. And it says on what day of the week which colors to use... the point being although most of us can figure out and punch in the code in a couple seconds, the residents there can't comprehend and do it. Is that the level of security we should have for all of our internet services, which grant access to our confidential information?
Last edited:
I do know for my mom, in a nursing facility, using a Mini, 2FA is a real pain as the confirmations come to me. I'm in another state and that is her only device.
So I can sue Apple because their policy states no adult games can be submitted? How can you guys think it’s okay for someone outside of the company can tell them how to run their business through a lawsuit? Is having 2FA illegal? So how is it worthy of a lawsuit when their policies state the timeframe?
A feature/suggestion request is more appropriate here than a lawsuit.
[doublepost=1550000014][/doublepost]
I agree! We should allow passwords like monkey123 since not everyone can understand more complex passwords!
Yes, I have 2 iPhones, one obtains the 2FA so I can get on the other phone. It is either that or carry around my iMac.
I know what he told me ... I asked simply why when he knows 2FA/MFA will be prompted. I NEVER said he SHOULD have it with him at all times, just simply stated he knows he'll be prompted for it.
It's SOOO hard for you to understand that a phone is a very personal device, and the majority of people may need to accept or expect an important call or SMS message or wish to view personal web queries NOT on a corporate or work computer? Wow you're the kind of person that is just ignorant and spits that word to others in a fit without even considering someone else's point of view.
I also stated I too originally loathed Apple's 2FA ... have a search of my posts a while back using Apple 2FA you'll see it as proof. But you missed this empathy in the form of sympathizing with him as I stated I got used to it.
#7
#5 (2017 when Apple began implementing 2FA and before it became mandatory ... have a read through this thread at my responses and gripes you'll see exactly how I sympathized back then and just simply adjusted over the years.
specifically ...
#5 (2017 when Apple began implementing 2FA and before it became mandatory ... have a read through this thread at my responses and gripes you'll see exactly how I sympathized back then and just simply adjusted over the years.
specifically ...
#309 (2018 when I panicked it wasn't working for me)
1. I asked a question ... a sentence beginning with the word "why?"
2. 2FA or MFA is enabled, this person knows it is and knows it'll be needed. I never stated the phone had to be on the table, it could be in his/her pocket until needed. It's kind of like leaving your drivers license at home when driving a car ... you know you should have it with you when driving, you know a ticket is forthcoming if pulled over and asked for it. Your choice, his choice, her choice ... I'm not forcing the person by saying the phone MUST be with them, just like the law states you "should" have your license with you and you have a certain amount of time to provide it as proof after being pulled over. The same sort-of reasoning of cause and effect.
You're getting WAY bent over shape and at the wrong person. Take a chill pill or have a little bedtime fun and lighten up.
[doublepost=1550024857][/doublepost]
The potential going forward is live sensing biometrics, and biometrics used in combination:
heart rate + facial recognition and/or TouchID type sensor. Meaning Facial or TouchID will not work without a live heart rate reading/pulse and even further within a set calm range. THAT is going to be freaking HUGE in the future .. trust me!
Exactly! I am frustrated when I could not able to disable 2FA. Don't get me wrong..I am all for security, but 2FA feature is so annoying me to no end.
When Apple won't let me disable it, I have no choice and I create my new Apple ID.. it is my fourth one. Yes, FOURTH one. I am so sick of it already.
When the potential is there for people to be locked put of content they have paid for, that’s a problem. Also, I take issue with the lack of notice. If Apple flashed a big read warning sign that said people only had two weeks to change their mind and then reminded them again before that date, I wouldn’t have as much of an issue with it. But choice is always good to have. I don’t understand why so many of you are so willing to give up choice and freedom in a free country. Seems strange.
In a perfect world, sure. But how many features have been asked about for literally years that Apple ignores and doesn’t address? Sometimes you have to draw more attention to something in a different way in order to create the change you want to see.
Let’s assume the United States is a free country that offers freedom and choice, (although obviously it and every other developed country certainly doesn’t, and couldn’t survive if they tried to). Nonetheless, while you have the freedom to buy something (or refuse to), you can also give up a great deal of choice or freedom once you bind yourself to a contract—regardless of whether you read it, or could understand it if you did. EULAs accompany most internet-based devices, and we all just ACCEPT or just use the thing we bought which, by contract, is enough for you to give up your freedom. The seller makes an offer to the public, and the public can accept the terms of the offer or do without the product. Most people just click ACCEPT and they’re not unhappy.
Agree on the notice about 2FA but still convinced that it’s not locking you out. And still waiting for someone to tell me which iPhone features even depend on 2FA. Certainly nothing you need very often.
Seems, when Apple reckons something is good for most, they overstep it somewhere along the line in other countries. Apple should let users disable something just as quickly as you can enable it.
Okay I understand. But, if the device (and the browser) is already trusted, why is Apple bothering me with two factor authentication?
Still a bug.