This is incorrect: the verification code is sent to the requesting device as well (thereby completely negating the 2FA design, but I digress)
Yeah, whoever thought "Let's send a security code to a device that the bad actor has control of, as a way to protect said device" clearly didn't think this thing through. I realize some people value convenience over security and that is their choice. For the rest of us, it would be nice if we could opt out of that security compromise. Unfortunately, Apple doesn't allow us to opt out of this loophole. And the issue continues with these keys. The compromised screen unlock code still ends up being the key to the entire kingdom.
Someone already answered this, but Apple needs additional steps to protect the AppleID. Some possibilities. Some/all could be optional:
1. 72-hour delay period before you are locked out, so you could back out of it from a different Apple device, e.g. an iPad.
2. Require Face ID/Touch ID in addition to the password to reset it. And/or require the old password be entered to reset it.
3. Require confirmation on a different logged in Apple device, so it can't be done from the stolen device.
4. Sign the paired iPhone out of iCloud from the Watch.
5. Or allow you to lock the paired phone from the Watch so that it needs a password AND confirmation from a different Apple device before they can do anything.
Yes, exactly! Make these optional features that a user can enable.
If you have to go through all of that for a smartphone, something is amiss in the design.
Au contraire, if one doesn't have the option of locking down a mobile device, something is amiss in the design.
So I get that I need to have a couple of physical things on hand to prove I am me when logging into websites. Why can't those things be my phone and/or watch, which I already have on hand? The watch could ensure your heartbeat and respiration are within calm norms when accepting the equivalent 2FA. Maybe the iPhone can scan my retina (or some such thing) like you often see in science fiction movies? Why can't Apple hire Elizabeth Holmes (working from her new "home") to confirm our identity via our phone from a small drop of blood ;-) ?
Also, do these YubiKeys come with added functionality like also containing a flash drive?
I'm looking for more simplicity and convenience in my life...
The point is that a compromised phone would then mean a compromised digital life. That is less security, rather than more security.
And that's OKAY if a user wants to live that way. In fact, Apple has enabled this with passkeys!
But then there are users that would like to disable the one-step-to-open-every-account feature called a screen lock code. Which is also a keychain lock code. Which is also a 2FA access code. Which also gets into my banking app via Face ID. And into my PayPal. And etc etc.
The hope with the YubiKey security key type device is that it might have been able to protect a compromised screen lock code. But the implementation falls short. The hope was that perhaps the screen lock code could be different from the "one code to open everything in the digital iCloud and phone"... perhaps relying on a YubiKey... but alas Apple has not enabled that option for users.
Only viable if the Watch has independent internet connection. I expect most people (like me) can't justify a watch with its own cellular plan.
I used my watch on Wi-Fi a lot. But that's probably beside the point.
Why? Well, one doesn't even have to have a second Apple device. Or a second phone number. Etc.
The YubiKey could have been that second physical device... but Apple didn't make that an option.
To reset a forgotten Apple ID password should require a waiting period or a recovery key. Not the phone's passcode.
Heck, while I agree that "require" is probably the smart/safe way to do it, even just making it an option to set up that way would be a big step forward. They don't have to require people to use it, if that would somehow be too much of an inconvenience...
Not if it is essential for work or personal use you need soonest. It is situational.
Users demand instant gratification. iDevices were designed with that in mind.
The solution needs to be simple as hell so everyone will use it and the minimalist number of folks will complain.
This user doesn't demand instant gratification. In fact, I'd use my iPhone for lots more sensitive stuff if it offered better security options. As it is, I had to stop using it for banking, contactless payments, iCloud had to be turned off, etc., because the design flaw of only allowing a single screen lock code to access all my other passwords on the internet, on the same device used for 2FA authentication, is just a mind-bogglingly silly proposition.
The YubiKey could have been an option to lock this down, but alas it is not the way Apple chose to implement it. And they didn't even allow the OPTION to make it work in a more secure manner.
But what I have learned in speaking with people off the record: Apple considers a stolen device to be a compromised account fait accompli. What does that mean? That means they assume that if someone steals your phone, they WILL get into everything on it. Or "Game Over." They actually do NOT believe or intend any of their measures will reliably stop an attack when the attacker has physical possession of your device. So they aren't interested in pursuing more security in that realm so far.
I just can't. It locks out any device from your Apple ID that can't run the newest OS (Ventura and iOS 16). That means iCloud, but also the App Store. No more updates or even installs of anything from the App Store on your older devices, even if it's capable, even supported. Have a 7-year-old laptop you want to keep around with a few still-supported apps (maybe even running the still security-supported Big Sur)? Nope. Old iPad? No apps for you. I tried it. For a week. Went back after it became clear my old devices were totally cut off by the digital boogeyman of non-ownership. Too much of a hard break for my taste at the moment. That's my experience and my take.
Actually, I have several Apple devices on the old OS and am using the new security key setup. None of my old devices are locked out. I just have to use them once every 90 days to keep them logged in. No need for the latest OS.
I agree this is not ideal, and seems like a strange case of built-in obsolescence just to get people to upgrade.
That being said, it is par for the course for Apple, where many, many apps start breaking on older devices as support becomes increasingly deprecated. So I am not too hopeful that will change.
But at least I can keep using my older devices with this new YubiKey world, as long as I log into each device in the old way at least once every 90 days.