Apple ID Two Factor Authentication is Flawed

Could someone tell me why Apple use Trusted Phone numbers for 2FA instead of a Third Party or Apple’s Own 2FA token generation App (If they create one). Because Trusted phone numbers can be dangerous, think of a situation where a user has only one iPhone and one Phone Number, the person set the same phone number as Trusted number. In case the user’s phone is lost or stolen then the person who finds it or steals it can easily recover the apple account and activate the phone using the Phone Number because the Sim Card is inside the phone and the Sim card can be inserted in another phone to receive OTP.

This is just a stupid implementation.

Posted on Oct 27, 2020 2:25 AM

Similar questions

18 replies

Oct 27, 2020 5:51 AM in response to ckuan

Again use your mind, if someone steals your phone the person might know you, might be someone from your neighbourhood, friends, from your university he/she can be any one. And the personal might just know your Email ID.

And besides that, many people use the same Email ID for iCloud account, knowing someone’s email ID buy their Mobile Number isn’t a big deal, there are many ways someone can enumerate email ID from mobile numbers.

man you don’t know anything about security or hacking. Please stop replying to something you don’t know about.

ckuan

Level 10

120,932 points

Oct 27, 2020 6:13 AM in response to TheWitcherGeralt

You can't change my iCloud without

My Apple ID
My password

Knowing/having my phone number and Apple ID can get you nowhere.

Please educate yourself.

karebu

Level 1

40 points

Nov 20, 2020 3:34 PM in response to TheWitcherGeralt

Apple forums are not good for anything, especially if it’s a flaw with their system. Just go elsewhere

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Apple ID Two Factor Authentication is Flawed