Why is a verification code being sent to the very iPad I am on?

So, I have two-factor authentication set up and when I sign in, it says I need to be verified. But, it then sends the verification code to the very iPad I’m already working on rather than to a different device!


What's up with that?


How can I fix it?


Plus, why does it request it every time I log into these forums? Why can't I just log in?



Posted on Jun 10, 2019 6:51 AM

Reply
33 replies

Jun 13, 2019 5:39 AM in response to Skydiver119

Thanks for the different replies...


Perhaps, my question was misstated or misread! I know what two-factor identification is, but it doesn't make any sense that it would send the code to the VERY SAME, THE EXACT DEVICE you are currently on.


I mean, if someone gets a hold of your iPad, they should be blocked entirely — instead, this approach means they can get into your account.


Having the security code be sent to the SAME device defeats the security purpose entirely! It's also a distracting nuisance to every user of other trusted devices on the account as they get prompted to accept the code each time.


What adds to the frustration is that after one enters the code, one is asked whether one wants to trust the browser they are using! Well, why wouldn't you?


At this point, it seems to be more nuisance and little or no security!

Jul 12, 2019 7:49 AM in response to AstroMacMan

Even if you NEVER take your iPad outside your home, I HIGHLY recommend you set up a passcode on the device. It's another layer of protection and I would never never never have any iOS device not managed under a passcode.


Just be smart and use a code you know you can remember AND write the code down somewhere safe for easy retrieval if you should forget it and get yourself locked out of the device.

Jul 12, 2019 10:57 AM in response to lobsterghost1

I'll take convenience over paranoia (or security) any day of the week!


I open my iPad many times per day and do NOT want to waste the time, have the hassles, or go through the nuisance of having to enter a passcode EVERY time.


You don't know what you're missing by not being able to pick up the iPad and get instant on and resume what you were doing right away.


Plus, IRC, it also shows the lock screen and the time, which I have no interest in knowing, especially at night!


In any case, that doesn't solve the 2fA nonsense where the authentication code gets sent to the same device! No security in that at all!

Jul 12, 2019 11:22 AM in response to AstroMacMan

AstroMacMan wrote:

I'll take convenience over paranoia (or security) any day of the week!


And that right there is why identity theft and private data compromises is a many billion dollar a year problem on a global basis. As long as people take that attitude, the hackers, scammers and theives will enjoy job security and growing wealth.


I open my iPhone and iPad many, many times each day and find faceID or touchID trivially simply to adapt to. The only time I ever have to enter the passcode for them is when they get restarted after an iOS update.

Jul 12, 2019 12:08 PM in response to lobsterghost1

“No one from Apple is here on this user to user only forum, so telling us what you think doesn't really matter.”


Physician, heal thyself!


You provided gratuitous commentary that wasn't relevant to the question I posed.


Worse, you misread my post — I didn't say that 2fA was nonsense, just that sending the authentication code to the same device was. You've offered no response about that, just misread my post and said it's a sentiment you don't agree with.


Hmm... Telling me what you think again rather than helping me understand what's going on!


By the way, I have given Apple feedback on this.

Jul 12, 2019 12:16 PM in response to Michael Black

Glad it works for you! It doesn't for me. By the way, don't impugn me with causing identity theft problems, especially when you've cherry picked a comment.


Read further and you'll see that I do use a passcode when I take my iPad out of the house. But, at home, typing in a passcode is a waste of time. That's where convenience trumps paranoia. I also don’t keep confidential information on my iPad.


But let's say someone broke into my house and stole my iPad. That's where i would have thought 2fA would have protected me. It would prevent the thief from getting into my account. However, that doesn’t stop them because the authentication code is sent to the iPad they stole! Does that make any sense to you?!


Also, do you have a tip on how to instantly get back to what you were doing, without having to go through the lock screen and see what time it is?!

Jul 12, 2019 12:20 PM in response to IdrisSeabright

So, now I’m rushed or lazy?! 😎


Can we avoid the ad hominem attacks and get back to the topic and the main question, namely, why does 2fA send an authentication to the very device I'm logging into my account with?! Is there someone that I set up incorrectly? Is there an option to stop that?


——————————


By the way, from what I recall when I’ve used the Touch ID, it


a) works intermittently or is finicky, and


b) still shows the time, which I do not want to see.


Jul 12, 2019 12:26 PM in response to AstroMacMan

AstroMacMan wrote:

So, now I’m rushed or lazy?! 😎

No, I didn't say that. The fact that those are the only reasons I can see for being averse to taking the couple of seconds to enter a passcode doesn't mean they are the only ones that exist.




By the way, from what I recall when I’ve used the Touch ID, it

a) works intermittently or is finicky, and
b) still shows the time, which I do not want to see.

Touch ID on my iPad is flawless. Have you tried it recently?


But, as has been pointed out, no one here can make the changes you want. We understand that you don't like it. That doesn't seem to leave much to discuss.

Jul 12, 2019 12:27 PM in response to lobsterghost1

I gave them feedback last year on this! Not as a result of your “feedback”!


Why the personal snark? Saying I’m “fussing”? That it's a “major issue for you”, as if it's not a general problem.


Do you think it's logical that a 2fA code gets sent to the very device that one hopes would need a *separate* device to authenticate with? I would think it's a major issue and a lapse in security!


Can you confirm that it's supposed to work that way? Or, do you know if the behavior would change if I turned off 2fA and then turned it back on?

Jul 12, 2019 12:30 PM in response to AstroMacMan

You seem to think it matters what you, me or anyone else thinks. IT DOESN'T MATTER, because it's doing exactly what Apple Engineers designed it to do. You're taking umbrage with every poster who has responded to you.


We don't work for Apple. We don't have any input into Apple. We can't change anything Apple has designed.


If you have an issue and the fact you seem to be arguing with every single one of us, says you do have an issue, take it up with Apple.



Jul 12, 2019 12:35 PM in response to IdrisSeabright

Idris, you've said it's logical. Why is that? My understanding of 2fA is that the authentication code is sent to a separate device than the one the user is on. For example, for bank accounts, if you log on via a computer, and have 2fA set up, the bank sends you a text message or calls you to confirm your identity. That is, they contact you via a different device or method. Other institutions and organizations work similarly. You cannot get in using just one device.


This isn't about my simply “not liking the choice”, but genuinely trying to understand why it works this way. It doesn't seem to add a bit of security, just a level of hassle!

Jul 12, 2019 12:58 PM in response to Michael Black

Michael, via a phone call or different device. But we're talking about the case, which must encompass many if not most Apple users, of having more than one device!


That support page says this:


How it works


With two-factor authentication, your account can only be accessed on devices you trust, like your iPhone, iPad, or Mac. When you want to sign in to a new device for the first time, you'll need to provide two pieces of information—your password and the six-digit verification code that's automatically displayed on your trusted devices. “


OK, my iPad is a trusted device. It should let me in without any authentication. If it's considered not trusted, it shouldn't receive the code!


What's a trusted device?


Trusted devices


A trusted device is an iPhone, iPad, or iPod touch with iOS 9 and later, or a Mac with OS X El Capitan and later that you've already signed in to using two-factor authentication.”


Well, If I’ve already signed in using two-factor authentication, why is it requiring me to sign in again?


And, if I’m not signed in, why is it sending the code to a non-trusted device? As Spock would say, “Highly illogical, Captain!”


It further says this:


”When you sign in on the web, you can choose to trust your browser, so you won’t be asked for a verification code the next time you sign in from that computer.”


Yet, even after trusting the browser, it keeps asking for verification the next time I sign in on that computer!


In other words, it's not working the way that page says it should!


——


Clearly, we have a failure to communicate here. You all seem perfectly content with however it's working — and probably stay logged in all the time with your Apple ID — so, it's not a problem for you and doesn't interfere with your use on an iPad.


But it does interfere with mine, which is why the issue arose. Yet, the real problem is that it doesn't fit any model of security I've ever encountered or what I’ve read about 2fA.


If what I’m experiencing is how it's supposed to work, which is contrary to what Apple's own web page states, then I'll just turn it off as it's offering me no extra security, at all!


In any case, I’ve wasted enough time here on this and am not getting any coherent explanations but rather patronizing or tangential responses, so I’m done. Thanks for trying, anyway!

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Why is a verification code being sent to the very iPad I am on?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.