Mastodawn

https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/

Apple advances user security with powerful new data protections

iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud provide users important new tools to protect data.

Apple Newsroom

Show thread

Eric Neustadter (e)Dec 7, 2022

@mikeymikey 👏👏👏

Show thread

Thomas Reed Dec 7, 2022

@mikeymikey I love seeing hardware keys added as an MFA option! However, I wonder why TOTP codes still aren’t supported? What do you recommend for large orgs that need to ensure redundant access by multiple people to a single developer account? MFA has been the difficult part of that.

Show thread

too many names Dec 7, 2022

@thomasareed What's the need for redundant access to a single developer account in a large org vs. one org developer account per developer? Where is MFA being triggered?

Show thread

Thomas Reed Dec 7, 2022

@mikeymikey The big problem is with the owner account, since there can be only one.

We can easily share the password for the account with specific people via 1Password, but the MFA is the catch. We once had an issue where the single person in IT who had access to the only phone set up to receive 2FA codes was on extended leave. I spend a good chunk of time while at MacTech that year working through an account recovery process to accept an updated agreement and unblock on iOS release.

Show thread

too many names Dec 7, 2022

@thomasareed Oh, yeah. The Account Holder role. Unfortunately unique due to the legal aspects of that role. You can definitely sign in as a secondary/additional Apple ID as the account on macOS under Internet Accounts as Reminders-only enabled and it will receive MFA codes/notifications. I agree TOTP would be a nice option here, unfortunately I don't have any other recommendations.

Show thread

Thomas Reed Dec 7, 2022

@mikeymikey Okay, I didn’t think there were other options, but just figured I’d ask. 🙂 Thanks!