How to turn off two factor authentication?

elisros27 wrote:

And it's totally useless if you are trying to using iCloud to find your phone.

Nonsense. Open a web browser and navigate to https://icloud.com/find. You will not be prompted for an authorization code to use this function in iCloud.com. But you could still use one of the alternate ways of getting auth codes that you set up when you enabled 2 factor authentication, as the instructions told you to.

Since you choose to use Apple online services (accessed via an AppleID) which then obligates Apple to take reasonable steps to protect your information, account and your privacy, Apple (or any online service provider) has every right to enforce whatever set of access rules and security measures they feel necessary.

You always have the right to simply not use any online service provider’s services. But you actually don’t have rights to dictate how they then secure your information, that you have voluntarily chosen to put into their hardware.

I see all these posts vehemently anti-2FA, but I’d also bet many of these are the same people who cry foul whenever some company they use has a server or account breach.

Michael Black wrote:

I see all these posts vehemently anti-2FA, but I’d also bet many of these are the same people who cry foul whenever some company they use has a server or account breach.

Or, they cry foul about things they don't fully understand, or simply cry foul because they like to complain.

Whether some company is breached is clearly beside the point. And I have never complained to Apple previously.

We all want to be safe from hackers, etc., so we use other ways to protect ourselves rather than 2FA. Many of us fully encrypt our computers, our emails, use VPNs, internet security software and many other protections available that better than 2FA.

We don't need Apple forcing us to except their 2FA. I thought Apple was in favor of protecting individual liberties, but in this case, clearly not.

Got it, but I still would like the decision to be mine, not Apple's. It's no different than me telling you what I want you to do because I believe it's good for you. You're likely to tell me to get lost.

BUCKEYECHAPLIN12 wrote:

If I were a Techie and could see what was coming before i added 2 step auth. i would not need your help. but since im not you want to be RUDE to me! Go Figure...thats real good for business.

For some reason, you accused the original poster of being rude to you. They haven't been active in this thread for some time. And, neither the original poster nor anyone else in this thread has a business relationship with you.

Can you please send me the reference in the Federal code that states Apple's legal obligation to protect my data? Sincerely, I did not read of this. It's good to know they are legally obligated to protect my data.

Loren Boston wrote:

Got it, but I still would like the decision to be mine, not Apple's. It's no different than me telling you what I want you to do because I believe it's good for you. You're likely to tell me to get lost.

you entrust apple with personal information. They have a fiduciary responsibility to protect the data you trust them with. Requiring 2 factor authentication is equivalent to your bank requiring you to have a strong password. Try telling your bank that the decision to have an easily hacked password is yours, not theirs.

Even if you don’t care whether you personal information is stolen your Apple ID account also holds other people’s personal information; their texts, emails, contact information. And it holds information that institutions want protected. The passwords to their sites for example. Banks are responsible if your account is hacked and money is transferred out of your account.

Loren Boston wrote:

Can you please send me the reference in the Federal code that states Apple's legal obligation to protect my data? Sincerely, I did not read of this. It's good to know they are legally obligated to protect my data.

FTC Act (15 US code 41 et seq) Deceptive practices under that act have been taken to include failure to comply with published privacy promises and failure to provide adequate security of personal information.

There are probably other laws in the U.S. (federal and state) that may apply, in addition to laws in other countries.

So, you're saying consumers should rely on this Act to go after Apple if someone hacks into their Apple accounts? I am trying to figure whether this truly protects me as an average consumer - is the averge little guy reasonably expected to go to court against Apple to seek enforcement of this or other laws? Is that how we're protected?

I just saw this:

Credit reporting company Equifax said it was informed by several US regulators that they intend to seek damages from the company related to the cybersecurity breach of 2017 that exposed personal information of nearly 145 million people.

So clearly there is legal exposure to not adequately protect personal information entrusted to a business. And European and Australian governments have already fined Equifax, as well as Facebook and several other companies for inadequate protection of their customer's data.

Well, there is an agency you could have gone to before the current administration took power. It has essentially lost most of its ability to do its job. But here it is or was: https://www.ftc.gov/about-ftc/bureaus-offices/bureau-consumer-protection

And yes, the FTC can go after Apple or any other company, as they did with Equifax and other businesses that were hacked. Except Apple has an ironclad defense: "We gave consumers the ability to protect their data with 2 factor authentication, and required that they opt out if they chose not to."

Let's also think about what "breached" means. If Apple's servers are hacked and data is taken then Apple is clearly responsible. Thus far that has never happened. However, some high profile individual accounts were hacked (e.g., Jennifer Lawrence), but that was because the accounts had weak, obvious passwords and did not have 2 step verification (the predecessor of 2 factor authentication).

Loren Boston wrote:

So, you're saying consumers should rely on this Act to go after Apple if someone hacks into their Apple accounts? I am trying to figure whether this truly protects me as an average consumer - is the averge little guy reasonably expected to go to court against Apple to seek enforcement of this or other laws? Is that how we're protected?

For legal advice, it is advisable to consult an attorney, not random people on the internet.

This is ridiculous. I turned this off months ago. Now I added another phone to my plan and it automatically turned it BACK ON and I have no way to turn it off. I have NOT been using it and should be able to opt out. My husband has been asking me to switch to Android- this is my last straw. I have 14 devices currently using iTunes......that will be 14 less by the end of May.