96 Macworld • August 2019
HELP DESK
online account. With 2FA, you supplement a
password with something else – typically you
enter a code that’s sent via a text message. The
second factor means someone has to know both
your password and have access to something you
own – a phone number, a phone, or a computer
- and dramatically reduces your exposure when
password breaches inevitably happen.
Apple added 2FA for Apple IDs a few releases
ago, an upgrade from its hastily constructed
two-step verification, which it created after high-
publicity cracks using social engineering of its
iCloud service.
Apple’s implementation of 2FA is integrated into
iOS and macOS, and I recommend that everyone
enable it. However, some people may find it’s too
much fuss or they have other difficulties making
it work. (For Apple IDs that you don’t use with a
physical device, but only for purchases, 2FA can
be an honest pain, but it’s manageable.)
Until recently, you could opt to disable 2FA,
although you had to go to the Apple ID website
to turn it off. Apple quietly removed disabling 2FA
as an option, and I’ve started to hear from people
about this recently when they went to turn it off and
found they could not.
It looks like Apple quietly removed that option
in a later release of iOS 10 and macOS 10.12 Sierra,
according to reports online. Apple’s support page
for 2FA (fave.co/2xDP5mW) notes that within
the first two weeks of enabling 2FA, you can still
revert. But after that, no can do: “Certain features