Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Huge MFA security problem

As of right now, every single device associated with my iCloud Account is listed as a "trusted device" and recieves a verification code any time I try to sign into iCloud. Meaning if I am sitting at my laptop trying to sign in and MFA sends a verification code, my laptop, my old phone, my new phone, my son's iPad, and old iPad all get the same code. Obviously, this kind of defeats the purpose of MFA...


How do I set it so only one or two devices are "trusted" and receive verification codes? (as opposed to ALL of them) as is the case now?

Posted on Jan 9, 2023 10:06 AM

Reply
Question marked as Best reply

Posted on Jan 9, 2023 10:15 AM

The 2FA account is initially created from primary laptop ( Mac ) , and the trusted devices that are verified in the account by signing in with same Apple ID and password on the same network , so all are synced and will always get same verification code .

You can remove the desired devices from laptop so that they won't sync and get codes Use two-factor authentication for security on your Mac, iOS devices, and iPadOS devices - Apple Support


3 replies
Question marked as Best reply

Jan 9, 2023 10:15 AM in response to Crazy3ddie

The 2FA account is initially created from primary laptop ( Mac ) , and the trusted devices that are verified in the account by signing in with same Apple ID and password on the same network , so all are synced and will always get same verification code .

You can remove the desired devices from laptop so that they won't sync and get codes Use two-factor authentication for security on your Mac, iOS devices, and iPadOS devices - Apple Support


Jan 9, 2023 10:16 AM in response to Crazy3ddie

Crazy3ddie wrote:

As of right now, every single device associated with my iCloud Account is listed as a "trusted device" and recieves a verification code any time I try to sign into iCloud. Meaning if I am sitting at my laptop trying to sign in and MFA sends a verification code, my laptop, my old phone, my new phone, my son's iPad, and old iPad all get the same code. Obviously, this kind of defeats the purpose of MFA...

No, it doesn't defeat the purpose of 2FA. The purpose of 2FA is to protect your Apple ID account, not your device. It is assumed that you will have passcodes on your device to protect them when they are not under your control.


Your son should have his own Apple ID for his iPhone and his iPad. That way he won't have access to any of your information, including your verification codes.



Huge MFA security problem

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.