Toggle sidebar Toggle sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Two-factor authentication

L

lordthistle

macrumors 6502
Original poster
In the screenshot you can see what happens when Apple uses 2-factor authentication on my intel iMac running Sequoia. I have also more recent Macs, but cannot remember if this happens.

Basically, according to Apple genius, in order to secure the access to my account when using Machine A, it blocks everything and asks me to provide a code displayed on the same Machine A. What's the point?

What do I need to check to make things right?

Screenshot 2026-04-14 at 11.39.01.png
 
So if you enter the code, it’s not accepting it? Or it asks for another one?

Not clear to me what exactly isn’t working here…
 
FreakinEurekan said:
So if you enter the code, it’s not accepting it? Or it asks for another one?

Not clear to me what exactly isn’t working here…
Click to expand...

I entered that code and for Apple the 2-factor authentication was fine: I got access to my iCloud account. If an "attacker" is using this machine, they can simply use that code - no need to access any other Apple device I own.
 
I've also seen that on my devices. It only shows the code if you were securely logged in on the device in question.
But if you are logged in securely, why do you need the code?
 
Exactly, I should have added this. On Machine A I was already logged with my iCloud account - I asked to access iCloud from System Settings and they wanted me to authenticate me on the web via a browser.

But either you need 2-factor authentication or you don't. Either way, the current implementation is broken.
 
Not particularly annoying, but they ask me to authenticate myself when I am on a trusted device and access some system settings, then show the 2-factor code on the same device. There is no logic.
 
  • Like
Reactions: chrfr
lordthistle said:
Not particularly annoying, but they ask me to authenticate myself when I am on a trusted device and access some system settings, then show the 2-factor code on the same device. There is no logic.
Click to expand...
If you are concerned, you can remove your Mac as a trusted device. The code appears on any separate trusted device logged into your Apple account. That way an “attacker” would need access to both devices to succeed. Than again, if the attacker has already comprised the Touch ID or your account password and is logged into the account on your Mac, perhaps this issue is the least of your worries.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back