Michael Black wrote:
Apple’s older 2 step verification used 4-digit codes sent to your trusted SMS telephone number. The newer 2 factor authentication system uses Apple’s iCloud Push Notification service to send 6 digit codes. In both cases the codes are good for only about 10 minutes or so, and then expire. With 2FA, you can register a trusted alternate SMS and voice telephone number(s) to receive codes with when you don’t have an Apple device available for the default push notification codes.
With 2FA, the default is to use iCloud push notification. That notification shows up simultaneously on all your trusted devices. It disappears as soon as you tap okay but it will stay in the screen until you dismiss it so you can memorize it to enter in the box as needed for login to your AppleID or service asking for it.
I use my Google Voice number as my backup (although I also have more than one Apple trusted device anyway) and have only tested getting a code by SMS to that, so cannot speak to how the voice system works. But bear in mind, the SMS or voice code is intended as a backup mechanism, not the default or normal means of getting codes.
While logging into your AppleID management site (https://appleid.apple.com/) will always require a 2FA code to edit or alter anything with your AppleID itself, codes for things like these forums are only occasional. You can chose to trust the browser so you’d then only require a code if you’ve cleared cookies and history, not logged in for a number of days or some other time out period or browser clearing (e.g. a browser update may trigger a need for a code again).
That means I will have to use it all the time and that is NOT acceptable. I don't need Apple trying to dictate to me how to have good security on my two desktop Windows 8 Pro and 10 Pro computers. Default is NO Cookies ever accepted and this has been the case for the past 20 years. If I must accept cookies at a specific site to peruse the site (and the site is one I absolutely need to visit) then first party ONLY cookies are allowed and local DOM storage for that site is very reluctantly allowed and then ALL is cleared when I close the browser at bedtime. I do keep browser history but that only shows that I visited this site on such and such a date and time. Between most browsers updating every month (my default browser updated twice this month) and Windows 10 driving one insane wanting to upgrade to an even worse version than the current one the code will be needed repeatedly.
I read the entire 11 pages of this thread and I was struck by the fact that was obvious to me, but not to some respondents, that most who had problems with 2 step verification or the newer 2 factor authentication (because of very frequently needing a code) were WINDOWS users who chose to get an iPhone because Android phones cannot be used by anyone concerned about their privacy. Plus, I suspect most of them also do NOT use Chrome browser (if they did they would have an Android phone) and block Google anything in any and every way they possibly can (including having nothing to do with gmail and blocking anyone who uses it).
iCloud is a mostly useless mess on Windows because it is hard coded to IE browser. Microsoft says to not use IE at all on Windows 10 and Edge appears to have to been created by a three year old and both invade one's privacy (just as Firefox will soon be doing by bypassing the user's Host file) so Windows users who care about privacy are reduced to using non mainstream browsers and iCloud doesn't work with them. iTunes is an even worse mess on Windows. I will be forced to upgrade my version of Windows 10 in November and I will then be able to completely remove IE forever and that is what icloud is hard coded to by Apple...not Edge but IE. Edge will soon be worthless for anyone concerned about privacy because Microsoft inexplicably decided to marry Google so Edge will become a much worse breaker of one's privacy than it currently is and will be avoided by those who care about privacy.
icloud seems to be needed only for a lost/stolen iPhone as there are other ways to get iPhone photos onto a Windows computer. I would prefer nothing stored in the cloud anyway.