Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Guys I’m not complaining i am merely highlighting what must surely be a bug.

Tell me what the point of sending a device authorisation code to the actual device that is in question?

Imagine visiting an ATM at a bank and when you put your card in it asks for the PIN number but at the same time shows on the screen what the PIN number is.....

You get a two-factor authentication code on every device that’s logged in to your iCloud account. To be logged in to an iCloud account on a device, you have authenticate with a second factor.

Apple doesn’t know if it is you logging in to the Apple web site or someone else. If it were someone else logging in to your account from a computer that hasn’t been two-factor authenticated, they wouldn’t get this code and wouldn’t be able to authenticate with a second factor. Hence, they wouldn’t be able to hack into your account.
[doublepost=1539826964][/doublepost]
Hacks happen and if they happen on a trusted device, then the user is allowed in, even if they are not "authentic".

The entire point is the MFA PIN should not be sent to a device where the login is occurring, as it's not the safest option.
What if a user only has one device? What if the user has a Mac and an Android phone? How would you handle this?

You should have FileVault enabled and your login protected with a password. You should also set your Mac to lock the screen within a few minutes of inactivity. This way, only the user will be able to log in from this computer unless the user is doing this under duress.
 
The reason for this is that a browser does not have access to the "trusted device" data that is set up in your iCloud settings on your computer. It's, in effect, sandboxed away from all of that. This is why you get a pop up notification with the code when you're signing into an Apple webpage. Whether you're using Safari, Chrome, or Firefox, the only way a browser can send the "I'm a trusted device" flag is via a cookie, which it won't have the first time you log in.

You can test out the same behavior on iOS. Open up Safari on your iPhone or iPad, and go sign into http://appleid.apple.com. It will show a popup right there on the iOS device you're trying to sign into... for the same reason: the browser can't send the necessary "trusted device" settings the first time.

DING DING DING. So glad someone finally said it Lol.
 
  • Like
Reactions: Recognition
I wonder what format all this data comes in.

I successfully submitted my a request this morning. According to their onscreen text during the walk-through, the data will come in a variety of formats, depending on the data you request, including, but not limited to, JSON, XML, CSV, PDF, and actual "files". About the only thing you can't/won't get in a download package is your actual iTunes media (movies/shows/music) purchases, or iCloud photo files.

They even gave the option of choosing the largest desired file size of the data files, ranging from 1GB to 25GB. I'm assuming the largest data files will be email and messages logs and dumps.

Edit/P.S. They also indicated it could take up to a week to process and deliver the files.
 
I wonder what format all this data comes in.

Apple_Privacy_Data.jpeg

iCloud_bookmarks.jpeg

AppleCare.jpeg

Apple_ID.jpeg

calendar_reminders.jpeg

app-iTunes-iBooks-music_store.jpeg

other_data.jpeg

marketing_communications.jpeg

iCloud_notes.jpeg

I have my Notes stored multiple times, so no big biggie...


hth

Regards, splifingate
 
I know this article was written over 4 years ago, but why was it back then possible to get a copy of my data with my ipad and now it is not possible anymore. I thought apple is marketing the ipads as a computer. Well i have a “fancy” iPad Pro computer and i cannot download a copy of my Apple ID account data because the website wouldnt give me the option if i access it through my ipad or iphone. I dont own a mac or pc… coz i thought we are beyond that need. And ironically one of the very few things i would need a traditional computer for is to download my data from an apple website. I put this in as a feature request a few years back, but once a year i do a major data backup and for a few years in a row i wasn’t able to get my apple data. Because of that. And somehow i cannot find other people online complaining about it. everyone here fine with this?
 
  • Like
Reactions: SBlue1
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.