SIGforum.com Main Page The Lounge Is there a way to turn off two-factor authentication on an iPhone?
Main Page The Lounge Is there a way to turn off two-factor authentication on an iPhone?Go | New | Find | Notify | Tools | Reply | |
| Peace through superior firepower  |
As iPhone users know, once you've turned it on, you have only two weeks to turn it off. Is there any way at all to turn it off after that two week period? Third party app or whatever? | ||
|
Truth Seeker |
Looks like you can’t turn it off after two weeks unless someone knows a trick. According to Apple Here it doesn’t seem you can after the two weeks. In that link Apple says: If you're already using two-factor authentication with your Apple ID, you can't turn it off. If you updated to two-factor authentication inadvertently, you can turn it off within two weeks of enrollment. If you do, your account is less secure and you can't use features that require a higher level of security. NRA Benefactor Life Member | |||
|
| Peace through superior firepower |
I know you mean well, but your response seems to indicate that you didn't even read my post. In three sentences, I twice mentioned the two week limitation, and yet, here you are, telling me what I stated that I already know. | |||
|
| Truth Seeker |
Sorry about that Para. You are correct, my response added no value to your question. NRA Benefactor Life Member | |||
|
thin skin can't win |
If you have a current backup local or in cloud and reset the phone to factory spec, then start over, setup, and restore from that perhaps you can skip that step? A guess admittedly. If there's a particular part of the TFA process that's causing you pain maybe we can suggest solutions to that but still leave the security layer in place? You only have integrity once. - imprezaguy02 | |||
|
Alea iacta est |
Para, two factor authentication is tied to your Apple ID. If I remember correctly, you’re fairly new to the iPhone, so you may not have as much tied to your Apple ID that you care about. (I have over 9k photos, and so much that I wouldn’t want to set up again). You can create a new Apple ID with a new email. Erase all content and reset iPhone, and when you sign in, use your new Apple ID. Make sure you turn off “find my” before the reset. If you skip that step, the phone will still be tied to the original Apple ID. If you have some photos you really want to save, text them to your wife and she can text them back after the reset. Same with other things you will lose in the wipe process. Text or email and then download. It’s kind of drastic, but that’s the only way to do what you’re asking. Now I know you’re a web admin, so you have probably forgotten more about security than I’ll ever know, but TFA is a good thing. It is helpful in not having your Apple ID stolen. The “lol” thread | |||
|
Lost |
2FA is part of your Apple ID, as Beancooker mentioned. Resetting your phone won't change anything. I've never heard of anyone successfully disabling 2FA after the "grace" period, by software, hacks, etc. | |||
|
Member |
Para, Curious to know which generation iPhone and which OS version you are running. I have an ancient iPhone 6 and pretty sure its not even an option for me, but I would have to investigate to make sure. An attorney I know for a major hospital chain just upgraded from an iPhone 3 to a 5 a year ago. ---------- “Nobody can ever take your integrity away from you. Only you can give up your integrity.” H. Norman Schwarzkopf | |||
|
Optimistic Cynic |
I would challenge that statement. If for no other reason, the awkwardness of it encourages user to over-simplify their security measures in order to still be able to operate. It also fosters a false sense of security and addresses only one minor aspect of a complicated threat surface. Much like complicated passwords only serve to encourage users to write their passwords down on a piece of paper in their wallet, or write their safe combination on the side of the unit. | |||
|
Nullus Anxietas |
And I, in turn, would challenge your statement  Just because some people may choose to become lax because they figure 2FA will keep them safe doesn't obviate the increased security it has the potential of offering to those of us who do not. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
| Optimistic Cynic |
If it were real 2FA (e.g. something only you have, and something only you know) I'd be more inclined to agree with you. However, in most implementations I have seen, the whole of 2FA depends on possession of a device that can receive SMS messages, especially when "password recovery" exercises are considered. So weak implementations and weak overall security practices abound. The impediment to usability seems to me to outweigh any added "security" in actual practice. Now I will acknowledge that I have been bit more than once by ham-handed 2FA implementations, and this may influence my feelings on the matter. We have strayed pretty far from the topic outlined in the OP. For this, I apologize, and accept all the onus that goes along with it. | |||
|
| Lawyers, Guns and Money  |
That really sucks... If you can't turn it off, I wouldn't want it. "Some things are apparent. Where government moves in, community retreats, civil society disintegrates and our ability to control our own destiny atrophies. The result is: families under siege; war in the streets; unapologetic expropriation of property; the precipitous decline of the rule of law; the rapid rise of corruption; the loss of civility and the triumph of deceit. The result is a debased, debauched culture which finds moral depravity entertaining and virtue contemptible." -- Justice Janice Rogers Brown "The United States government is the largest criminal enterprise on earth." -rduckwor | |||
|
| Nullus Anxietas |
Theoretically speaking, it is: You know your login credentials (username/email address + password/pass-phrase) and you have your phone. The weak spot (pointed-out by security geeks) is using SMS/MMS to send authentication tokens to mobile devices. SMS/MMS is insecure and some people don't bother to lock their mobile devices. Ideally, a truly open framework for secure, end-to-end encrypted 2FA token carriage would be developed and everybody would use that, instead. (I think there are apps, but, I believe they're proprietary?) Despite its weaknesses: I appreciate existing 2FA implementation for what additional security it provides to me--as somebody who chooses strong passwords/pass-phrases, keeps them in an encrypted keyring, and keeps his mobile devices locked. You can turn it off w/in the first two weeks. I suspect the thinking goes something like this: If somebody's enabled 2FA, and left it enabled for two weeks, odds are they've had the opportunity to evaluate 2FA for themselves and decided they wanted it. Beyond that point the odds favor a request to deactivate it as a Bad Guy having (temporarily) acquired access to the account. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
| Powered by Social Strata |
 | Please Wait. Your request is being processed... |
|
SIGforum.com Main Page The Lounge Is there a way to turn off two-factor authentication on an iPhone?
Main Page The Lounge Is there a way to turn off two-factor authentication on an iPhone?© SIGforum 2024