How to turn off two factor authentication?

R.W.R wrote:

it does remove 2FA from your life... which is a good thing

Says you. I have had the same AppleID for near 20 years. I would never abandon 2 decades of purchased material, emails (going back to @mac.com), messages, and backups over something as trivially easy to learn to use as 2FA. I have not had to actually use 2FA codes for weeks, and I use several iPads, an iPhone and two Macs daily. It is not a big deal to adjust to it.

Thanks for the information confirming how to avoid 2-F. I do see that this creates a new account vice stopping 2-F on an existing account. I also see the point about probably only delaying the inevitable, but one must carry on.

Regarding, having to re-buy, and not have access to some Apple services - although I have used and liked many Apple products for many years (Macs, iPods, iPhones, and iPads) - and expect to do so for quite some time, Apple taught me not to buy anything other than the devices from Apple.

The first lesson happened many years ago, when Microsoft ordered Apple to change login names from a simple “name" to an "e-mail address". I lost access to hundreds of songs and movies. When I tried to play them, iTunes asked for the real login name (under which they were “bought”) and all Apple iTunes would process was an "e-mail address". After months of exchanges with Apple support, I was left with, in effect, “This is the new Apple way. Too bad for you".

The second lesson happened with Apple's “me.com" service - more stuff lost when Apple discontinued it.

So, lessons learned. "Fool me once, shame on you; fool me twice, shame on me." Apple fooled me twice into thinking I could count on it, but I won’t fall for it a third time. (I still like the devices - my wife and I just got new iPhones. I just know better then to think I could count on an Apple service.)

For those who haven’t yet lost anything with an Apple service - good for you. But don’t think it can’t happen to you. E.g., forced 2-F authentication; Apple’s reaction, “This is the new Apple way. Too bad for you". Does that look familiar?

On a more positive note, since one must now carry around a second device to get the second authentication request, T-Mobile has a $5 per month service for voice, text, and data; it’s only 30 minutes a month, but for Apple’s 2-F that (and a cheap phone via e-Bay) may be adequate.

? Microsoft had nothing to do with the change to require emails as the standard login ID for AppleIDs (do you really think MS “orders” Apple to do things, and it they did, that Apple would give a hoot?). And MS has never had anything to do with Apple’s iTunes Store. Apple made that move unilaterally to enforce standardization of their AppleID system (which began as nothing more than a login ID for a developers account, long before Apple ever sold anything online).

When I changed my AppleID from my name to an email, I lost nothing.

Similarly, when the MobileMe service retired, all you had to do was save anything you’d stored online somewhere else (and there were warnings to do so for a year before they turned MobileMe off). And if you migrated to iCloud before the deadline (again, with multiple warnings sent to MobileMe users over a year before the deadline) you even kept your @me.com email address.

I have no idea why you think you must carry around a second device to get 2FA codes. They are sent simultaneously to all your trusted devices, including the one you’re holding that generates the request for the 2FA, so there is no “second” request. And a backup contact for an emergency can be any voice telephone number (cellular, landline or satellite phone) or any SMS capable telephone number (I use my Google voice number as a backup contact).

I have had the same AppleID for nearly 2 decades and never lost anything. I used 2 step verification for many years, and switched to 2FA several years ago now, when it first rolled out. Never had an issue with it, and never lost any purchases nor data because of it.

since one must now carry around a second device to get the second authentication request

you were doing well until this point...

2FA does not require a 2nd device.

It's misinformed diatribes like this that contribute to the FUD about 2FA.

LACAllen wrote:

since one must now carry around a second device to get the second authentication request

you were doing well until this point...

Not really. There is NOTHING in thomasfromsterling's most that is correct or true, as Michael Black has pointed out. Oh, and I still have and use my me.com address. And I have changed the user name associated with my Apple ID account several times, and have never lost anything. I still have my 2,000 purchased songs and 300 iOS apps.

including the one you’re holding that generates the request for the 2FA"

doesn't that defeat the purpose ?

Huh?

Unless you allow those other devices to sit unsecured somewhere, no.

Strong passcodes will keep the verification code secure.

R.W.R wrote:

"They are sent simultaneously to all your trusted devices, including the

one you’re holding that generates the request for the 2FA"

doesn't that defeat the purpose ?

No, because the purpose is to protect your Apple ID, not your device. Your device is protected by your passcode/Touch ID/Face ID, so if you get as far as the prompt for the 2FA authentication code it has already been established that it is you making the request or attempting to log in.

R.W.R wrote:

"They are sent simultaneously to all your trusted devices, including the

one you’re holding that generates the request for the 2FA"

doesn't that defeat the purpose ?

No, as they are trusted devices. If one or another is no longer trusted, just as Apple advices strongly, you need to update your trusted devices list to remove it.

The whole point is, when accessing your AppleID, any of your trusted devices suffices to login to your AppleID. Assuming your trusted devices are also protected by a screen lock passcode and/or FaceID or TouchID, only you could unlock them and use that 2FA code to login in to your AppleID.

My issue is not lost data, but the idiocy of the system in general and being forced to use it.

It amazes me Apple is so not worldly.

I travel globally and my American service does not work in other countries ( without and exorbitant fee) so I buy a sim card in the country I am visiting. Because 2FA uses my American number, I am automatically locked out. The same thing happens when I return to USA when 2FA is then sent to the foreign number.

I never turned on this piece of crap 2FA myself. A nonenglish speaking techie turned it on when I bought a sim card, it then tried to verify to the American number, I got locked out, and now I am stuck with it. Apple, true to form, said "Too Bad for you".

Android here I come. I love apple products but my right to choose trumps Apple's desire to control my choices.

I really need this turned off because I have an old computer from 2010, and the newest OS it takes is Sierra. So right now I literally can't sign in to my apple ID in the system preferences. I had no idea the email I received could turn it off or I would have done that when I received it. I was enrolled in two factor authentication because I restored my phone from a back up and when I did there was no way to opt out. I never wanted to sign up for this and I tried to turn it off immediately by signing in to apple Id on my phone in safari and in system preferences but there was no way to turn it off. WAY TO GO if this is not resolved my computer is currently ten times more useless than it already was. I only ever sign in on my mac or my hone so this service is really inconvenient and redundant. There should be a way to set my computer as trusted so I don't have to use two factor authentication there. Vehemently unhappy customer at the moment.

You can get your 2FA on any mobile number and use it sign-in from your Mac. Another annoying feature with Safari Version 13.0.1 (14608.2.11.1.11) is the browser repeatedly asking "Trust" this browser! What's up with that?

Is Apple following in Windows foot steps with annoying security prompts?

Doesn't Safari http headers for get and put include browser and version information?

Not sure what the heck the Trust this browser prompt provide in terms of security? This mostly pops up when visiting Apple sites.

Pall wrote:

I don’t believe your answer is correct. Trust browser occurs without clearing cookies.

Lawrence is correct. "Trust Browser" doesn't clear cookies; it writes a cookie. However, if you clear the cookies, the browser will not longer be trusted.

My answer is correct. You will be asked again:

If your browser version changes

OR

Your IP address changes

OR

you clear cookies

OR

and I'll add that cookies expire after a period of time.

I didn't say all of these had to happen. Any one of them will invalidate your browser trust status. And your ISP changes your IP address frequently.

You clearly don't know anything about security, browser operation or cookies. Pretty much every site on the Internet uses cookies to identify your computer. Cookies cannot be hijacked if the site uses TLS ("HTTPS") except for cross-site cookies, and Apple's servers never use cross-site. And for other sites you can (and should) set your browser to deny 3rd party cookies. But that's irrelevant for 2FA, which is only to access your Apple ID on Apple's servers.

Father of Apple Kids wrote:

Where is the restriction section now on the new IOS? I can't set up child restrictions anymore without buying a fricken app to do that. <redacted>

Is cursing and insulting people really the sort of example you want to set for your children?