In my attempts to secure my account from the oddness that happened a few weeks ago where my devices in short order became untrusted, several times in a row even after being re-authenticated by me, I’ve activated the new 2-factor-authentication from Apple (the previous one is now called 2-step-authentication).
It seems to work great, I get approval requests for most login attempts, but so far I’ve seen two occasions where 2FA-login is not working or not respected.
The first and most annoying is that Apple TV does not seem to support 2FA-login. So I’m unable to login to my Apple TV for now. But so far it’s not a big problem since I can stream everything through my iPad or iPhone. But it’s still a glitch.
The second is maybe intentional, but when upgrading to iOS 11 I noticed that after the phone restarts and you’re asked to login, even if it’s not on the primary phone used for approving authentication, but a secondary phone, the 2FA approval request is not required, only username and password and then you’re logged in. Luckily I can see logged in devices through the account page, but I consider this a glitch as well.
I came across this article on enabling two-factor-authentication for several accounts.
I noticed that not only are there several more services now offering 2FA than when I last checked a few months back. But once I set out to enable my accounts on these services I also noticed that several of them now supports apps in addition to SMS-messages.
And I’m also very glad that the apps are becoming more generic so I don’t need to have a mass of apps installed on my phone, but rather that it’s now possible to use for example Microsoft Authenticator not only for Microsofts own accounts but also for Google, Twitter, Dropbox, Amazon and others.
The article doesn’t mention Steam though, but I think it should. Steam is quite huge as platform and enabling 2FA was both easy and well worth it, considering the info stored there. And neither is Apple mentioned which is a little odd, but AppleID is also very smooth to enable for 2FA.
There are also some identity services missing in the article where maybe I should look more into their respective settings to see if they now support easy to use 2FA as well.
I’m thinking specifically of WordPress, Instagram, IMDb and Origin. And of course all the web shops where personal info is stored.
And lastly what I’d like to see now is support in Password Safe for PC and the pwSafe iOS app for tagging accounts with a green colour flag if they’re 2FA enabled.