from Hacker News

Why is 2FA not required at Apple store?

by paulyy_y on 6/17/24, 10:38 PM with 2 comments

About a month ago I set up 2 USB-C security keys as my primary second factor for Apple authentication. On a new device, I would need one of the security keys in order to sign into my account, something which I tested and confirmed at home.

Some time passed, phone broke, and I went to Apple store to get a new one. They needed to adjust some stuff on "Find My" so they had me log into my account on one of their laptops in store. All I needed was my password... no security key.

How could this be? I just confirmed again that it is needed by going through the same journey at home on a personal device - security key needed to log into iCloud.

I must be missing something.

by hammyhavoc on 6/18/24, 4:50 PM
Apple Store can override security no problem.
MacBook remotely locked by an ex partner through a management profile? Take it to the Apple Store and they'll unlock it.
Inherited an Apple device and can produce the receipt? They'll remove it from the previous account.
by stop50 on 6/17/24, 11:17 PM
my company has an inward sso process that uses kerberos and an 2fa enforced one for outside that is additionally limited in what it can grant access to.