Using Physical Security Keys

Question

Level 1

4 points

Using Physical Security Keys

I recently set up two physical security keys on my Apple Id account for 2FA purposes. I did this using my iPhone running iOS 16.3, the minimum iOS version necessary to set up hardware security keys.

I also have a MacBook Pro which is quite old and thus cannot be updated beyond macOS Big Sur. This OS version does not allow for adding hardware keys to the Apple Id account, which is why I used the iPhone to perform that operation.

Associating the hardware keys to my Apple Id is great for security since the hardware keys are now required to log in from any device other than my iPhone or MacBook.

Having set up the hardware keys, it suddenly occurred to me that I may have created a trap. What happens if the MacBook gets logged out of the Apple Id account or becomes disassociated with that account in some other way? Will I need the hardware security keys on the MacBook to log it back into Apple Id? If so, I have made a problem for myself since my MacBook OS version does not allow using security keys with Apple Id -- at least that is my understanding.

A clarification from someone who really knows this stuff would be greatly appreciated!

MacBook Pro 15″, macOS 11.7

Posted on Jun 18, 2023 4:36 PM

Reply

Answer 1

Top-ranking reply

FoxFifth

Level 10

471,765 points

Jun 18, 2023 6:17 PM in response to Blaz2

This is not from personal experience but the following from About Security Keys for Apple ID - Apple Support may help:

If your device can't be updated to compatible software, you won't be able to sign back in.

Reply

Answer 2

Blaz2 Author

Level 1

4 points

Jun 19, 2023 7:16 AM in response to FoxFifth

I've previously read all of the Apple material on this subject, including the article for which you provided a link. That article seems to suggest that I wouldn't be able to sign in on my MacBook without a hardware key, which would leave me in a bind since my MacBook OS can't handle keys, as noted in my original post. However, I believe my MacBook and iPhone are considered "trusted devices." For example, if I log into my Apple Id account web page from the iPhone or MacBook, a hardware key is not required. But if I try that using a different device, a key is demanded. So the real question boils down to whether my MacBook would be recognized as a trusted device and be allowed to log into the Apple Id account web page should the MacBook ever get disassociated from the account in some way.

Reply

Answer 3

Blaz2 Author

Level 1

4 points

Jun 22, 2023 1:23 PM in response to Blaz2

Today I ran an update to macOS. The setup procedure at the end of the update required me to log in to my Apple Id account. The login wanted my Apple Id and Password but did not ask for hardware security keys. So, I suppose that answers my own question: that Apple is recognizing my MacBook as "trusted" and thus not requiring the hardware keys. I still feel uneasy about this whole question though. If anyone knows more, I'd like to hear from them.

Reply

Answer 4

Blaz2 Author

Level 1

4 points

Jun 22, 2023 1:33 PM in response to Lawrence Finch

But apparently this is precisely what happened, as noted in my most recent post. The fact that the macOS update procedure asked me to log in surely means that the update process logged me out at some point. Hence I was logged out, and then I logged back in as requested by the last steps of the update process. Hardware keys were not requested.

Reply

Answer 5

Jun 22, 2023 1:25 PM in response to Blaz2

You can log in to appleid.apple.com, but if you log out of your Apple ID on your computer you will not be able to log back in.

Reply

Answer 6

Jun 22, 2023 2:07 PM in response to Blaz2

As long as you haven’t reset the MBA to factory settings and reinstalled MacOS it will still be considered a trusted device.

Reply

Using Physical Security Keys

Similar questions