Two-factor authentication on my Macbook sends a code... to my Macbook??

Shelia Addison wrote:

"Whenever you sign in with your Apple ID on a new device or browser, you'll confirm your identity with your password plus a six-digit verification code."

So why does it require identity confirmation when I am signing in with the same device, and same browser, I sign in from every time? That's the problem.

Well, it shouldn't if you are signing into iCloud.com. It always will require a Verification Code if you are signing into your Apple iD account. Do you sign out of iCloud.com when you are done? Have you checked to make sure that the little box is selected:

Just checkin'....

GB

... and as Eric Root has mentioned, I am one of those that have noticed this on my Mac mini as well. This seemed to started happening within the last couple of macOS High Sierra updates. What I haven't tried to see if it would resolve this, is removing, and then, adding back my mini to the trusted device list for my Apple ID.

That makes zero sense from a security perspective.

Incorrect. It makes perfect sense.

2FA does not protecct your device. It protects your account.

2FA is secure when used, and understood, as designed. Without physical access to your unlocked device, nobody can make use of your username and password.

You use your strong local password to unlock your device, where you ask for, and receive a verification code from Apple to access your account.

If I have your locked device, I can't see and make use of the code.

If I have your unlocked device AND your username and password, only then could I compromise your account.

If you didn't select the option to trust the browser and you'll be asked to sign in again. If you deleted your cookies since the last time you signed in, you'll be asked to sign in again. If you signed in while in private browsing mode, you'll be asked to sign in again.

Hmm, on my home computer, I generally don't log out, so hadn't tried that (Logging out and confirming the box is checked in the window Gail posted the picture from). That seems to have worked at least for iCloud for me. The AppleID still requires the 6 digit code, but that is perhaps wise...

Via Manage your Apple ID

Check your Apple ID device list to see where you're signed in - Apple Support

Read this article Get a verification code and sign in with two-factor authentication - Apple Support

Based on what I've read, if your computer is a trusted device, the code will be sent to that computer. Many people have reported seeing this.

You always need it for login when 2 Factor Authentication is enabled. The email is normal also.

For security reasons , read what LACAllen suggested .