How to turn off two factor authentication?

What a pain! I have multiple devices signed in and they're all a mess now since all I do is enter passwords and verify that they are all mine. Never-ending pop-up messages telling me some account features may not be available unless I sign in, but I AM SIGNED IN on everything.

Why are you telling us? We are your fellow users. We can't do anything about it. If you want to let Apple know, use the feedback page:

Product Feedback - Apple

If you explain exactly what the problems are that you're having, perhaps someone can help you learn to use 2FA better so that it isn't so frustrating.

Start by reading this article:

Two-factor authentication for Apple ID - Apple Support

As a software engineer then, you should also appreciate that nearly every single internet security corporation on the planet recommends 2 factor authentication or 2 factor logins for all online service accounts. And nearly every single online service provider (of any services) offers it, from Sony PS accounts, to Google, Amazon, MS, most banks, and so forth.

Apple has merely gone the extra step of requiring it to use their online services.

I have not had a single issue with Apple 2FA, nor have I had any with the other online service providers I use something analogous with (Google, Sony, MS, my bank, the US federal government service accounts I have, Intuit, etc, ...). 2 factor security to protect your online accounts and online login IDs is not new, not novel, nor even radically different in how Apple implements it.

And it is a direct result of people not taking their own account login security seriously, yet demanding at the same time that online service providers bear responsibility for their accounts.

I should have researched this before replacing my old iPad, as this is beyond frustrating. I would have continued to use my old cracked screen rather than having to be constrained by this two-factor authentication nonsense.

If you explain what it is about 2FA you find frustrating and constraining, someone can probably help you figure it out. If I have to interact with it more than once a month, that's a lot. Usually, I have to enter the code when the IT folks at work mess with my Windows computer. On an iOS device, generally, you'll need it when you set the device up but almost never after that.

It might help to review the support information, especially the section on managing devices:

Two-factor authentication for Apple ID - Apple Support

You can add to your trusted devices any SMS text capable cellular telephone, or any landline to receive codes by electronic voice.

You can also use VOIP text capable telephone numbers like a Google Voice or other VOIP service number as a trusted number to get codes at.

I understand where you're coming from, but I disagree with you and them whole heartedly. I think it should be up to an individual whether they want that type of control. I don't and won't be getting anything 'apple' from here on out.

Actually, I am not "coming from" anywhere. I am a user just like you, and I am not sharing an opinion. I was sharing the "rights" of the company that you have agreed to create an account with. And since that company is the one taking on the liability, they get to make the rules. It's no different than any contract that you sign when you set up an account anywhere. It boils down to this bullet in the Apple Media Services Terms and Conditions which includes the Terms and Conditions for your Apple ID:

- You may access our Services only using Apple’s software, and may not modify or use modified versions of such software. (Legal - Apple Media Services - Apple)

In order to protect both themselves as well as the millions of users who have set up an Apple account with which to access and use all of those services, Apple is going to ensure that the security design and protection of the access route (your Apple ID sign in) is constantly ahead of the curve (and the lowlifes). I don't get to control what requirements are going to accompany any of my accounts as time goes on. The security measures are not just for you - they are for millions of users and hundreds of services, and the adherence in protecting access to any part of the Apple ecosystem.

Best,

GB

proaudioguy wrote:

I do not like 2 factor authentication. What I can't figure out is why my WIFE gets the authentication number instead of me. It even shows MY phone number in the settings!

Your wife is getting the code because her device is, apparently, listed as one of your trusted devices. See this article for more information on managing trusted devices:

https://support.apple.com/en-us/HT204915#manage

Of course, having her use only her own Apple ID on her phone would also solve the problem.

Why can't we call Apple and answer our security questions / give set up information to obtain a code? there is a serious flaw in this method.

There are no security questions with 2FA. The trusted device is more secure than questions.

Going forward, you should add a second trusted phone number for just such a scenario. Do you have any other smartphone you can borrow? You can put your SIM in another device and send codes via SMS or voice to that other device.

A business should not be sharing an Apple ID among employees. NEVER. NEVER. NEVER. That is the complete extent of your problem. Each phone needs its own Apple ID. If you need central management Apple offers that service as Mobile Device Management. If you don't share Apple IDs the problem goes away. Along with a dozen other problems, such as shared texts, shared contacts, if anyone with a phone changes the Apple ID password then no one can access their Apple ID.

Here's information on MDM:Get started using Apple Business Manager or Apple School Manager with Mobile Device Management - Apple Support

Your issues cannot be averted if you share an Apple ID. Get some other phone that has less security. BTW, you don't need to buy your phones from Apple to set up MDM. So you are creating your own problems by using the devices in the way that they were never intended to be used.

Actually, there is one way. Get a new Apple ID. Change all of the phones to the new Apple ID and disable 2 factor authentication when you create the Apple ID (you must do it that way, because 2 FA is now automatically configured on new Apple IDs).

Ok, let me clarify.

On older iOS devices attempts to access the app store requires a request to sign in with an iCloud password followed by a 2fa code.

The 2fa code is sent to the other devices, but there is no option available to enter it into the older iOS device (because it wasn't designed to do this in the 1st place). This renders the app store useless on older devices.

I had this problem previously and discovered that I could disable the 2fa and then it worked ok.

Now it is not possible.

Loren Boston wrote:

Very unhappy that Apple does not give its customers the ability to make its own decisions regarding two-factor authentication.

I have 6 Apple products in use and anytime I want to make changes it's a major hassle. VERY UNHAPPY!

You DID have the opportunity to turn it off, but you neglected to do so within the 14 day period that you're allowed to.

It is IMPOSSIBLE to protect yourself from hackers without 2 factor authentication. No matter how much you encrypt all it takes is a hacker to call Apple's account security and pretend to be you to get into your Apple ID account. Virtually everything needed to prove that the caller is you has been published on the dark web. Your name, address, previous addresses, social security number, mother's maiden name, employer, previous employer, email addresses, phone numbers - I could go on, but I hope you get the idea. There is nothing that Apple could ask a hacker that could not be answered using the information already compromised thanks to Equifax, Facebook, and dozens of other sites. With 2 factor authentication Apple's security team is out of the loop. There is no way a hacker can bypass 2 factor authentication, so it is the only protection you have against your Apple ID account being hacked. That and the hope that no one thinks you are important enough to hack your Apple ID.

And this applies to everywhere else you have online accounts. Your bank, broker, landlord, insurance company, IRS, Social Security, Medicare...

If you don't have 2 factor authentication on every site that has important personal or financial information you will be hacked. The question isn't if, it is when.

Federal law has little to do with it. Companies get sued for data breaches, hence the courts hold them responsible for the personal or private data they hold in their clients accounts. They therefore have every legal right to impose security restrictions or rules for how any users access their account’s and data held in the company’s servers.

You have every legal right to not use their services if you don’t like their rules and requirements for access. But companies are going to use whatever security requirements they feel necessary or appropriate to cover themselves from liability when offering online services that store user data. And they have every legal right to impose those requirements on users when a user chooses freely to use their online services.

The reality is that most country’s laws governing online security and corporate responsibility either don’t exist or are woefully out of date and inadequate. Most corporate thinking about online account security is driven by civil law and liability, and a company’s own corporate culture and attitude towards their clients and their clients privacy.

As has been explained in the thread you didn’t bother to read before posting, you can log in to https://iCloud.com/find without requiring a code, and you can and should assign other trusted means of receiving authorization codes such as any other Apple devices you or friends or family own, as well as other phone numbers, including landlines.

Yes, you can turn it off. Go to Settings > Your name > iCloud. Scroll down to Find My iPhone and turn it off. Then back up one screen, scroll to the bottom and tap Sign Out.

There, now your iPhone will never bother you with those pesky 2FA requests again. You also won't be able to lock it if you lose your iPhone, or someone steals it. Worse if they swipe it out of your hands and it's open to the desktop (already past the 6 digit login screen). With no way for you to lock it, they'll be able to look through all of your contact info and any other personal information on your phone. Yeah, that would be great if you have apps installed that automatically connect your banking or other financial institutions. They'll also be able to erase it as new and use it themselves, or sell a fully working stolen phone to someone else.

So, which would you prefer? Security, or a wide open phone you can do nothing about if lost or stolen?