You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

2-factor authorization failed me

My son was locked out of his icloud account - not sure why. Oh, well. That's what 2-factor authorization is for. Went to apple.com and tried to log in as my son - sure enough, he's locked out. I believe the message mentioned the password had been entered incorrectly too many times. Good, some naer-do-well was foiled. So I enter his apple id and phone number and get a message saying that instructions are being sent to the phone to unlock it. Nope - no messages are sent to the phone. So I have to go through the same process and say that I don't have the phone. Then it sends a 6 digit code to that phone! What sense does that make? If a thief had the phone, would it really send a 6-digit code to the thief to help him unlock the phone? In any case, entering the 6-digit code brings me to a screen where I can enter the user ID once again and...wait for it...THE PASSWORD! WTF?! Of course the effing password won't work! SO then the only course of action is to reset the password. This triggers the fail safe reaction of completely disabling the apple ID for 24 hours while Apple evaluates the situation. I am pretty frustrated by this time. If I made a mistake, by all means, tell me what it was so that I never subject myself to this circular redundancy again! Or did Apple screw up when they couldn't send the code to the iPhone originally? PLEASE let me know!

iPhone XR

Posted on Sep 1, 2020 4:44 PM

Top-ranking reply

Chattanoogan

Level 7

25,652 points

Posted on Sep 2, 2020 4:21 AM

Slap:

I've read -- and re-read -- your post several times last night and this AM

I can certainly sense - and understand - your frustration.

I'm confident that you'll get all of your accounts squared-up in due time.

I "suspect" -- but absolutely do NOT "know" -- that you encountered pieces of the "old / legacy" verification scheme rather than the new.

Beyond that, all anyone can do going-forward is to better understand Apple's 2FA. With that in mind:

A very good explanation of the 2FA concepts, and user steps is available here:

https://support.apple.com/en-us/HT204915

If reasonably well understood, you shouldn't encounter any real problems using 2FA going-forward.

That said, IMHO a few points from the document deserve a little extra emphasis:

1) Commit your AppleID and chosen password to absolute rock-solid memory.

Be able to accurately regurgitate them at unexpected times and while under stress.

You rarely need them, but when you do, you often REALLY need them.

(Example: Using FindMe to locate and/or restrict use of your misplaced / stolen mobile device.)

Keep the password VERY secure (i.e. only in your brain). With an AppleID and password, any ne'r-do-well can disable your devices.

(2FA codes are not required for this function)

2) Use multiple "trusted phone numbers"

Think-ahead about how you'll receive your codes if any one of your devices -- or catastrophically all at once -- are lost or inaccessible.

2) Keep your "trusted phone numbers" up-to-date.

While this might seem blindingly obvious; like any other "housekeeping task" it's easy to let it slide and end up w/ your codes being sent to no-longer-used phone number(s).

3) Practice, practice, practice.

The first time to use FindMe is NOT when you've really lost your device.

Give it a try, beforehand. For example:

Actually "mark" your mobile device as "Lost."

Actually set the screen message with a "If you find this phone call ... " message.

Actually "find" your phone and place it back into normal operation.

Use all of your trusted phone numbers to receive codes.

Finally, if you don't do all of this, Apple still provides good mechanisms to recover.

However these methods - by their nature - require extra steps, time, and mental resources from you; and they almost always need to occur at times of already elevated stress.

Cheers.

View in context

2-factor authorization failed me

Similar questions