It seems like you must have a second Apple device on the same Apple ID, otherwise you cannot use 2FA. That hasn’t been a big deal for me, because I have several, but they’re all in my home except for the one in my pocket.
If something simultaneously happens to my home and to my iPhone then it seems like I’m permanently locked out of my Apple accounts forever. For example, a house fire and I don’t have time to grab the phone.
My concern isn’t that I’d forget my password. My concern is 2FA requires a second Apple device. So if all of my devices go bye bye, I can’t simply go to the Apple Store, buy a new iPhone, type my username and password in, and get back in. It appears I actually need a second Apple device.
I think there might be a way to use an SMS as a backup? But I’m not sure. Regardless, if I lose my phone, there goes my ability to receive an SMS. And I don’t really want to use SMS because of SIM swapping attack potential.
It would be ideal if 2FA could be done using the standard TOTP process that 95% of websites use. Scan a QR code into 1Password or Authy and it generates the 6-digit PIN. I don’t think that Apple offers that.
There’s also this Recovery Code thing, which is confusing as to what it actually does and whether or not it would help me if I lost access to my devices.
You don’t need a second Apple device (I presume many people have only one, like an iPhone).
From:
If you’re trying to sign in and don’t have a trusted device that can display verification codes, you can tap Didn’t Get a Code on the sign-in screen and choose to send a code to one of your trusted phone numbers.
… meaning you can get the codes via text messages if there are no other options.
Regarding the recovery key, it does exactly what you assume – it would help you to recover your account, so you should generate the code and keep it safe:
If you no longer have your devices, and also don’t remember your password, you can also use a borrowed device or even a device at the Apple Store to reset your password using the Apple Support app, which will then ask for a recovery key:
The Support app will ask which account you want to recover and will guide you through the process.
You can also designate someone you trust as your recovery contact – see instructions here:
So there are plenty of recovery options if you lose access to your account, but I would suggest keeping passwords safe (a password manager you’d have access to via the web in case you lose all your devices, like Bitwarden, would be a good option), and keeping the recovery key somewhere safe and separate.
If you tend to use several email addresses and/or phone numbers, I would also suggest making sure to remember which one you used for your Apple ID. Sometimes people forget even that after a couple of years of not using an Apple device – I was unable to help a friend just this last week who has an activation-locked iPhone 12 he apparently hasn’t used much and has no idea what his Apple ID was. Until he remembers, this is a bricked device.