Apple (via email):
In an effort to safeguard your account, two factor authentication is required to sign in to your Apple Developer account and certificates, identifiers and profiles from February 27, 2019. This additional Apple ID security layer helps you ensure that you are the only person who can access your account. If you haven't already enabled two-factor authentication for your Apple ID, learn more and update your security settings.
I have two accounts – one for personal use, one for development use – and so do many developers.
I don't know how to do this work. None of my devices have ever logged into my developer account. This account exists only for building and distributing apps.
It is possible, but Apple has not done a good job explaining it.
In order to register an iOS device with two-factor authentication, you must log out of your personal Apple ID at the system level, which means you log out of iCloud. This is a very disruptive act. On a Mac, it's much easier because you can associate different MacOS users with their own Apple ID. So the best way to set up two-factor authentication is probably to create your own user account on your Mac, set it up with your Apple ID, and then follow Apple's instructions.
So, if my developer Apple ID requires 2FA in two weeks, how can it work with my personal Apple ID? Is it true that a device like a phone can only be the trusted device for an Apple ID?
That's a good example of Apple not thinking about things through. Custom system that does not work with all other TFA systems, no ability to get messages from multiple accounts, and no ability to merge accounts.
To put perspective on how much of a PITA Apple's bad 2FA will be, I tell 14 of "The teams and roles have been united." E-mail. I have many developer accounts, linked to specific customers. I also often have to log in as a client because they have no idea how ASC works.
Kyle Seth Gray ( tweet ):
Here's how to add your developer account to your device receiving verification codes.
Despite the fact that the account is marked as "inactive" on this account screen, you have added the device as a "trusted" device that can receive two-factor authentication codes.
The one problem is activating it initially – the easiest way is to create a temporary user on your Mac and activate it there, but damn it if it's not a clunky solution.
I have not, as far as I remember, ever created a separate Mac account or used a dedicated device for my developer account, but somehow I could long ago activate 2FA using SMS. Some people are concerned that Apple will stop allowing this and require an actual iOS device, but I have not seen any official indication of it. SMS is more convenient in many situations, but less secure.
Never use consumer numbers, they are easily stolen. Most telecoms only require a name and DOB to port. Get a number that does not have an assigned SIM card and cannot be sent, such as Twilio or Google Voice.
Maxwell : 1. get a dedicated google number number on a dedicated google account
2. Disable SMS forwarding
3. Put the THAT account under U2F
4. Create a Mac VM
5. Login and enable with that number
I think this is the only decent approach
Lol, what about business developer accounts not associated with a particular device, and thus, not linked to a phone number who can receive SMS?
See also: Cable Sasser .
] Keep up to date by subscribing to the RSS feed for this post.