No comments (seriously, donāt know what to say about this guy)
The problem with forcing the accounts is that for many developers that account is separate - meaning itās not the primary account and therefore you donāt have a way to enable 2FA.
I have multiple Apple IDs, thankfully I can put the developer account on my test iPhone - but that will break a number of other things as a consequence. I donāt want to be forced to purchase a device just for 2FA, but if I canāt work around things I may have to. Letās hope the March event has some iPod Touch announcements!
Iām also worried about this.
I use 2FA for my personal Apple ID, but I have multiple Apple Developer IDs that donāt have 2FA enabled. For me it would be fine if Apple added TOTP instead of requiring an iOS/macOS device.
It looks like Kyle Seth Gray has a workaround, which isnāt the simplest but seems to work:
Not an Apple Developer but seriously, I just donāt get 2FA as a general thing. The theory is nice bu tin practice itās a PITA to use. I donāt agree that it offers enough added security to warrant the hassles.
MFA done right isnāt much of a hassle at all and is exceedingly valuable (but not a panacea) as a means of increasing overall security. What Apple does for MFA isā¦ well, baffling beyond belief, but thatās in line with pretty much everything they try to do that involves online services.
Iām in the process of rolling out Duoās MFA in a trial and itās almost a pleasure to use. It helps that I have an Apple Watch and can acknowledge the Duo Push prompt using it