What I find a lot scarier is that macOS seems to store your local user's password as a hash with Apple.
A few months ago I was signing in on my MacBook, and it asked me (assuming because I did not have a mobile number attached) for my Hackintosh local user's password to 2FA.
May be buried in the depths of the EULA, but I most definitely never agreed for my LOCAL account password to be uploaded to Apple.
At least signature checks can be blocked (for now) on a DNS level. What about my passwords?
A few months ago I was signing in on my MacBook, and it asked me (assuming because I did not have a mobile number attached) for my Hackintosh local user's password to 2FA.
May be buried in the depths of the EULA, but I most definitely never agreed for my LOCAL account password to be uploaded to Apple.
At least signature checks can be blocked (for now) on a DNS level. What about my passwords?