I'm not so sure about Apple re-enforcing SMS as a multi-factor standard, though. SIM-jacking is real, the security standards of AT&T Verizon and Tmobile are laughable.
That’s on the carriers. It basically a tradeoff for convenience. Here to change anything on my cell phone account like shifting carriers or requesting new sim cards requires govt issued id with biometric confirmation.
Well, yeah, it is on the carriers, they're the weakest link and can't be trusted.
I think the biggest thing Apple could do to keep me safe would be to stop sending messages to every device on my account after every 2FA stating a new (insert expensive device here) was now accessing my account. I cringe each time, picturing my wife at work, wondering what in the name of Thundarr the Barbarian her husband bought *this* time, when in actuality I've only bought something nutty about one in 10 times 2FA is employed.
I'm confused your comment (although I do like the Thunder reference). Do you not have independent iCloud accounts?
I don't think I fully understand your use case either. The only time I get a message from Apple on all my connected devices is when I sign on to iCloud; that's when it let's all my connected devices know that I've added a new device. When it comes to 2FA for logins it's usually an OTP from my password manager (which 1Password does so well that you just have to have hit paste as it saves it to the clipboard for 60 seconds) or an SMS or email if the system doesn't support saving the OTP link.
All our devices share an account. Never occurred to me to have separate accounts.
I was trying to remember what instances trigger the alert. Seems like it's occurred when I've added devices to iTunes Match, I think, and I'm almost positive a chief culprit is OS upgrades.
I think the biggest thing Apple could do to keep me safe would be to stop sending messages to every device on my account after every 2FA stating a new (insert expensive device here) was now accessing my account. I cringe each time, picturing my wife at work, wondering what in the name of Thundarr the Barbarian her husband bought *this* time, when in actuality I've only bought something nutty about one in 10 times 2FA is employed.
I'm confused your comment (although I do like the Thunder reference). Do you not have independent iCloud accounts?
I don't think I fully understand your use case either. The only time I get a message from Apple on all my connected devices is when I sign on to iCloud; that's when it let's all my connected devices know that I've added a new device. When it comes to 2FA for logins it's usually an OTP from my password manager (which 1Password does so well that you just have to have hit paste as it saves it to the clipboard for 60 seconds) or an SMS or email if the system doesn't support saving the OTP link.
All our devices share an account. Never occurred to me to have separate accounts.
I was trying to remember what instances trigger the alert. Seems like it's occurred when I've added devices to iTunes Match, I think, and I'm almost positive a chief culprit is OS upgrades.
LOL. How would it never occur to you to have separate accounts? You're two different people! How does that even work? You just message each other on the exact same Apple ID, replying to yourself essentially? Ridiculous.
I think the biggest thing Apple could do to keep me safe would be to stop sending messages to every device on my account after every 2FA stating a new (insert expensive device here) was now accessing my account. I cringe each time, picturing my wife at work, wondering what in the name of Thundarr the Barbarian her husband bought *this* time, when in actuality I've only bought something nutty about one in 10 times 2FA is employed.
I'm confused your comment (although I do like the Thunder reference). Do you not have independent iCloud accounts?
I don't think I fully understand your use case either. The only time I get a message from Apple on all my connected devices is when I sign on to iCloud; that's when it let's all my connected devices know that I've added a new device. When it comes to 2FA for logins it's usually an OTP from my password manager (which 1Password does so well that you just have to have hit paste as it saves it to the clipboard for 60 seconds) or an SMS or email if the system doesn't support saving the OTP link.
All our devices share an account. Never occurred to me to have separate accounts.
I was trying to remember what instances trigger the alert. Seems like it's occurred when I've added devices to iTunes Match, I think, and I'm almost positive a chief culprit is OS upgrades.
You can give each person their own account then link them via Family Sharing. That way you can share a common payment method, many app purchases, Find My and so on. You can also set up both shared and private calendars for the family. I find that it works pretty well.
I suspect though that you might have to wipe each device before assigning it to a new AppleId. That might be painful. I suggest you try it with one to see how it works for you. If you don't like it, simply wipe it again and reset back to the common id.
One of my favorite newer features in iOS/macOS is the ability to auto-populate OTP codes sent via SMS in apps and Safari without having to even look at Messages. This seems like an extension of that by way of more security and standardization?
I noticed this a while ago - it’s awesome when it works, but there are some sites for which it works and some for which it doesn’t. I haven’t really looked at why but it may well be due to the formatting that this proposal seeks to standardize. Interestingly, it doesn’t work when signing in to iCloud!
One of my favorite newer features in iOS/macOS is the ability to auto-populate OTP codes sent via SMS in apps and Safari without having to even look at Messages. This seems like an extension of that by way of more security and standardization?
I noticed this a while ago - it’s awesome when it works, but there are some sites for which it works and some for which it doesn’t. I haven’t really looked at why but it may well be due to the formatting that this proposal seeks to standardize. Interestingly, it doesn’t work when signing in to iCloud!
I haven't found this to be a website issue, but an OS issue. Using 2FA with a specific brokerage firm login requires it for each login even though it asks if I want to save that browser for the future.
For awhile I couldn't figure out what it was doing as it seems to propagate the moment after I had looked up the number and started typing it. I found that if I only looked at the first digit and typed that in that the system would know that I want to add the OTP. Then last month—not after a macOS update—it started suggesting to add the OTP without me clicking the text box and typing the first digit. Now it's back to often not suggesting the OTP.
I think the biggest thing Apple could do to keep me safe would be to stop sending messages to every device on my account after every 2FA stating a new (insert expensive device here) was now accessing my account. I cringe each time, picturing my wife at work, wondering what in the name of Thundarr the Barbarian her husband bought *this* time, when in actuality I've only bought something nutty about one in 10 times 2FA is employed.
I'm confused your comment (although I do like the Thunder reference). Do you not have independent iCloud accounts?
I don't think I fully understand your use case either. The only time I get a message from Apple on all my connected devices is when I sign on to iCloud; that's when it let's all my connected devices know that I've added a new device. When it comes to 2FA for logins it's usually an OTP from my password manager (which 1Password does so well that you just have to have hit paste as it saves it to the clipboard for 60 seconds) or an SMS or email if the system doesn't support saving the OTP link.
All our devices share an account. Never occurred to me to have separate accounts.
I was trying to remember what instances trigger the alert. Seems like it's occurred when I've added devices to iTunes Match, I think, and I'm almost positive a chief culprit is OS upgrades.
LOL. How would it never occur to you to have separate accounts? You're two different people! How does that even work? You just message each other on the exact same Apple ID, replying to yourself essentially? Ridiculous.
"LOL."
ROFLMFAO. I've won again!
"You're two different people!"
Yeah, well, after 27 1/2 years of marriage ... just barely.
"How does that even work? You just message each other on the exact same Apple ID, replying to yourself essentially?"
It was awkward the first five minutes when I got 5 and she got 4S. Then I changed settings so her phone only received messages to her phone number and vice versa. That change was saved in iCloud and remained in place as we upgraded.
Although your system sounds like more fun. "Hey, honey, would it be cool if I hooked up with a prostitute?" "It sure would be cool! Go for it, dude!"
I think the biggest thing Apple could do to keep me safe would be to stop sending messages to every device on my account after every 2FA stating a new (insert expensive device here) was now accessing my account. I cringe each time, picturing my wife at work, wondering what in the name of Thundarr the Barbarian her husband bought *this* time, when in actuality I've only bought something nutty about one in 10 times 2FA is employed.
I'm confused your comment (although I do like the Thunder reference). Do you not have independent iCloud accounts?
I don't think I fully understand your use case either. The only time I get a message from Apple on all my connected devices is when I sign on to iCloud; that's when it let's all my connected devices know that I've added a new device. When it comes to 2FA for logins it's usually an OTP from my password manager (which 1Password does so well that you just have to have hit paste as it saves it to the clipboard for 60 seconds) or an SMS or email if the system doesn't support saving the OTP link.
All our devices share an account. Never occurred to me to have separate accounts.
I was trying to remember what instances trigger the alert. Seems like it's occurred when I've added devices to iTunes Match, I think, and I'm almost positive a chief culprit is OS upgrades.
You can give each person their own account then link them via Family Sharing. That way you can share a common payment method, many app purchases, Find My and so on. You can also set up both shared and private calendars for the family. I find that it works pretty well.
I suspect though that you might have to wipe each device before assigning it to a new AppleId. That might be painful. I suggest you try it with one to see how it works for you. If you don't like it, simply wipe it again and reset back to the common id.
I think the biggest thing Apple could do to keep me safe would be to stop sending messages to every device on my account after every 2FA stating a new (insert expensive device here) was now accessing my account. I cringe each time, picturing my wife at work, wondering what in the name of Thundarr the Barbarian her husband bought *this* time, when in actuality I've only bought something nutty about one in 10 times 2FA is employed.
I'm confused your comment (although I do like the Thunder reference). Do you not have independent iCloud accounts?
I don't think I fully understand your use case either. The only time I get a message from Apple on all my connected devices is when I sign on to iCloud; that's when it let's all my connected devices know that I've added a new device. When it comes to 2FA for logins it's usually an OTP from my password manager (which 1Password does so well that you just have to have hit paste as it saves it to the clipboard for 60 seconds) or an SMS or email if the system doesn't support saving the OTP link.
All our devices share an account. Never occurred to me to have separate accounts.
I was trying to remember what instances trigger the alert. Seems like it's occurred when I've added devices to iTunes Match, I think, and I'm almost positive a chief culprit is OS upgrades.
You can give each person their own account then link them via Family Sharing. That way you can share a common payment method, many app purchases, Find My and so on. You can also set up both shared and private calendars for the family. I find that it works pretty well.
I suspect though that you might have to wipe each device before assigning it to a new AppleId. That might be painful. I suggest you try it with one to see how it works for you. If you don't like it, simply wipe it again and reset back to the common id.
Are there benefits or only misery? I seem to be enjoying all the benefits Mapple (except them blasting our devices with messages stating I've gone off the device deep end) offers without the rigmarole.
Comments
I was trying to remember what instances trigger the alert. Seems like it's occurred when I've added devices to iTunes Match, I think, and I'm almost positive a chief culprit is OS upgrades.
For awhile I couldn't figure out what it was doing as it seems to propagate the moment after I had looked up the number and started typing it. I found that if I only looked at the first digit and typed that in that the system would know that I want to add the OTP. Then last month—not after a macOS update—it started suggesting to add the OTP without me clicking the text box and typing the first digit. Now it's back to often not suggesting the OTP.
"LOL."
ROFLMFAO. I've won again!
"You're two different people!"
Yeah, well, after 27 1/2 years of marriage ... just barely.
"How does that even work? You just message each other on the exact same Apple ID, replying to yourself essentially?"
It was awkward the first five minutes when I got 5 and she got 4S. Then I changed settings so her phone only received messages to her phone number and vice versa. That change was saved in iCloud and remained in place as we upgraded.
Although your system sounds like more fun. "Hey, honey, would it be cool if I hooked up with a prostitute?"
"It sure would be cool! Go for it, dude!"
"Ridiculous."
Thank you! I'm here all year!
Are there benefits or only misery? I seem to be enjoying all the benefits Mapple (except them blasting our devices with messages stating I've gone off the device deep end) offers without the rigmarole.