I might have missed it, or not be understanding something well. But would requiring 2FA for AppleID password changes be an improvement? The AppleID password is such a POWERFUL password that I feel it would warrant stricter change requirements.
This would only work for people with multiple devices, so perhaps for those people without multiple devices, some form of secondary contact method could be used to authorize the change.
Airplane mode has been mentioned as a workaround, but couldn't FindMy send the lock down signal even with Airplane Mode on in the same way that AirTags are always in communication? If this FindMy signal is blocked by the current AirPlane mode, perhaps it could be changed so the the standard AirPlane Mode leaves the FindMy network active (I don't believe this is an issue for the FAA) with a secondary option to enter a FULL AirPlane Mode, but that requires the AppleID password, which they have been blocked from changing.
This way, an AppleID could not be changed and FindMy not turned off, without authorization on a secondary device, and even if they turned on Airplane Mode, the device would still be in contact with the FindMy network and remote lockable as well as trackable.
I'm assuming I've missed some glaring problem with this idea, because people way smarter than I have put a lot of thought into it. So please be gentle if it is a dumb idea! hah
	
		
			
		
		
	
				
			This would only work for people with multiple devices, so perhaps for those people without multiple devices, some form of secondary contact method could be used to authorize the change.
Airplane mode has been mentioned as a workaround, but couldn't FindMy send the lock down signal even with Airplane Mode on in the same way that AirTags are always in communication? If this FindMy signal is blocked by the current AirPlane mode, perhaps it could be changed so the the standard AirPlane Mode leaves the FindMy network active (I don't believe this is an issue for the FAA) with a secondary option to enter a FULL AirPlane Mode, but that requires the AppleID password, which they have been blocked from changing.
This way, an AppleID could not be changed and FindMy not turned off, without authorization on a secondary device, and even if they turned on Airplane Mode, the device would still be in contact with the FindMy network and remote lockable as well as trackable.
I'm assuming I've missed some glaring problem with this idea, because people way smarter than I have put a lot of thought into it. So please be gentle if it is a dumb idea! hah
 
 
		 
 
		 
 
		