How to turn off two factor authentication?

Can you tell me how does one encrypt push notifications? What type encryption is used, symmetric, asymptionmetric?

I read APN and didn't see any reference to encryption.

My original statement was, an users should be able to opt in and out of two factor authentication instead of an entity forcing it on them because it is for general public not a corporation.

Most corporations stipulate 2FA for remote access. It works because it is controlled and managed environment and if it doesn't work, user is able to call support. to

By the way, SMS was never encrypted because SMS (Short Messaging Service) is cryptographically expensive to encrypt. Not only the expense, how do you exchange keys, PKI? Symmetric Key encryption?

Please don't resort making up things to prove point! it is not useful because, all claims can be easily verified.

Pall wrote:

Can you tell me how does one encrypt push notifications? What type encryption is used, symmetric, asymptionmetric?

I read APN and didn't see any reference to encryption.

Then you didn't do any adequate research; it's clearly described in the APN documentation, including how to get a certificate for your server that is required to use APN. I'm not going to do your research for you.

My original statement was, an users should be able to opt in and out of two factor authentication instead of an entity forcing it on them because it is for general public not a corporation.

Irrelevant. You can't opt out. In a way it is forced on you because when your iCloud account is hacked and personal information is stolen you are likely to sue Apple. But the reason doesn't matter, because Apple requires it. If you don't like it don't use iCloud. Apple does NOT require you to use iCloud, BTW.

Click the last link in the document I posted above, the “modify content”

on the top of the next document, it will introduce:

”Overview

You may want to modify the content of a remote notification on a user’s iOS device if you need to: 

• Decrypt data sent in an encrypted format.

...”

And I did not make one single thing up. I never said SMS was encrypted. I said it used to be “more” secure than currently implemented.

R.W.R wrote:

what if you only have a mac and no ios device?

Have you read any of this thread before posting in it? Set up whatever cell phone you have as a trusted number. Or your landline phone. Or your office phone.

Simply awful. We have a lot of hardware and often assign gear to freelancers to work in our office. What a pain that it cannot be turned off. Just changed a Purchase Order for 16 Macs to PCs, also changing out iphones to Android due to poor quality control, lack of functionality and continuing lack of support.

If you use a managed deployment for company assets then personal AppleIDs and 2FA are not involved at all, so not an issue. AppleIDs are personal account login IDs not intended to be used with corporate assets deployed to employees.

You will have no problem with Androids, as the have always been trivially easy to hack. So enjoy them. It's a much easier solution than using Apple products in the way they were designed to be used.

See the 4th item in this FAQ-->https://appleid.apple.com/faq/#!&page=faq

Michael Black is saying you should be using Apple's Managed Deployment service rather than sharing an Apple ID among a large group, which, to be frank, is one of the stupidest ideas I have seen in a long time.

Use Device Enrollment - Apple Support

as i reread my post it says nothing about "whatever cell phone ,trusted number. Or my landline phone. Or my office phone."

although some might assume the existence of such from my mention of a dearth of ios devices

R.W.R wrote:

as i reread my post it says nothing about "managed deployment of company assets"

Oops, Michael Black was replying to Tahoe Charlie, not to you.

And two of us missed that fact, as did you.

R.W.R wrote:

how do you set it up to receive on you mac, that would be great to know and very helpful. could you please direct me to the appropriate instructions

If your Mac has El Capitan or later, there's nothing to set up (other than enabling 2FA on your Apple ID, which sounds like has already been done for you). As long as the Mac is signed into the same ID that you're accessing (and thus waiting for the 2FA code) then the prompt to approve should just pop up on the Mac's screen.

If your Mac is pre-El Capitan, then my understanding is that you would not get the 2FA code to your Mac and would have to rely on a phone call or text (since you don't have any iOS devices).

Availability of two-factor authentication for Apple ID - Apple Support

R.W.R wrote:

I missed it, i noticed it too late too retract. thanks for it pointing out

It’s fine R.W.R. It’s something everyone here needs to learn and be aware of. Replies are post specific, so responders can reply to a specific poster and their comments, and not everyone’s comments in a long thread.

That’s right, when you’ve lost the argument attack whoever disagrees with you. A practice that has been around for millennia. It’s even got a Latin name, which shows how old it is: argumentum ad hominem

My apologies if this has already been answered, but: to escape 2-Factor authentication, might a "Factory Reset" of the iPhone, creation of a new "Apple ID", and trying carefully to not accidenty enable 2-F, work when "registering" the iPhone an allow me to use the iPhone without the 2-F nuisance? (Yes, I know I will miss out on some obscure, trivial features - not a problem.)

R.W.R wrote:

it does remove 2FA from your life... which is a good thing

It also removes from your life anything you've purchased under the previous Apple ID. And removes access to a number of Apple features and services.

If you consider having a more easily hackable Apple ID a good thing, well, you're certainly entitled to that opinion.