Hi! My name is Cédric Bozzi, I make websites and iOS apps, and this is my blog about technology (mostly a Twitter archive, really).

11 December 2014

If someone tries to access your iCloud account and you’ve got two-factor auth, you’ll be locked out forever unless you have your recovery key

Does anyone else implement two-factor authentication this way? Because that’s unbelievably stupid. Why would you need to reset an attacked account’s password if they have two-factor auth? And how can you expect 99% of your users to keep a copy of their recovery key — especially when your own website points out that they’ll be able to create another as long as they’ve got their original password and device? This is a policy that can only, mathematically, end up locking out 100% of Apple’s users over time.

I have my recovery key in 1Password, but I’m considering turning two-factor off for my account (assuming that’s even possible), because Apple’s online services can’t be trusted with anything and I feel pretty stupid for signing up to be an early adopter of new security measures that of course they rushed to implement without understanding the consequences.

Don’t forget that, since iOS 7, your devices are locked to your iCloud account. So “just create another account” doesn’t only make you lose everything you’ve ever bought on the App Store.
