
Ask HN: iCloud forces usage of phone number for 2 factor authentication? - ploggingdev
I switched from an Android device to an iPhone recently and was asked to setup an iCloud account. I went through the setup process and realized that my phone number was setup as a 2nd factor with no option to disable it [0]. Seriously? For all the talk about Apple devices being the most secure, not many people seem to be complaining about how Apple forces a phone number as a 2nd factor + account recovery method. Most people backup very personal data to their iCloud accounts and forcing a phone number as a 2FA is ridiculous. IMO Google gets 2FA right : I can setup a Yubikey + Authenticator + backup codes and remove my phone number as a 2FA method. And I also realized that there&#x27;s no way to delete an iCloud account. wtf?<p>(First time using an Apple device, so I might be misunderstanding the 2FA situation, correct me if I&#x27;m wrong.)<p>[0] https:&#x2F;&#x2F;support.apple.com&#x2F;en-us&#x2F;HT204915
======
citruspi
I switched from 2 Step Auth to 2 Factor Auth recently and saw the same thing.
A trusted phone number is required (and verified with that code you received)
but in the future you'll receive 2FA codes on your trusted devices. But to
setup that first device, you've gotta setup at least one trusted phone number.
More information here[0]. Relevant bits:

\----------------------------------------

With two-factor authentication, your account can only be accessed on devices
you trust, like your iPhone, iPad, or Mac. When you want to sign in to a new
device for the first time, you'll need to provide two pieces of
information—your password and the six-digit verification code that's
automatically displayed on your trusted devices.

...

A trusted device is an iPhone, iPad, iPod touch with iOS 9 and later, or Mac
with OS X El Capitan and later that you've already signed in to using two-
factor authentication.

...

A trusted phone number is a number that can be used to receive verification
codes by text message or automated phone call. You must verify at least one
trusted phone number to enroll in two-factor authentication.

\----------------------------------------

In my case, I switched my iPhone to 2FA first and it sent me the SMS code.
Once I started switching over my other devices to 2FA, I started seeing the
code popping up (along with the location of the device being logged into, like
in the photos from[0]) on my device instead of being sent via SMS.

[0]: [https://support.apple.com/en-us/HT204915](https://support.apple.com/en-
us/HT204915)

~~~
ploggingdev
The verification codes popup on trusted devices but it's possible to have them
sent to the trusted phone number instead. There's no way to remove the trusted
phone number as a 2nd factor. From the FAQ :

\------

What if I don’t have access to a trusted device or didn't receive a
verification code?

If you're signing in and don’t have a trusted device handy that can display
verification codes, you can have a code sent to your trusted phone number via
text message or an automated phone call instead. Click Didn't Get a Code on
the sign in screen and choose to send a code to your trusted phone number. You
can also get a code directly from Settings on a trusted device.

\------

