Advertisement
Advertisement
⚡ Community Insights
Discussion Sentiment
100% Positive
Analyzed from 271 words in the discussion.
Trending Topics
#code#visible#access#icloud#apple#user#key#used#filevault#recovery
Discussion Sentiment
Analyzed from 271 words in the discussion.
Trending Topics
Discussion (8 Comments)Read Original on HackerNews
great.
No. It is unrelated to Apple ID 2FA.
If its what I'm thinking of, it used to be a user-visible thing[1] back in the day.
But now with the need for increased security posture in the modern environment it is now not user visible but held locally and encrypted using the local device secure enclave key. So you would typically now see a prompt for the device password so the enclave can be accessed to access the key to setup/renew iCloud access tokens.
As far as I am aware the only user-visible string still available in the Apple world is (for obvious reasons) the FileVault recovery key on macOS devices. Which is only visible once ... shown to you when you first enable FileVault.
[1] https://support.apple.com/en-us/101265
It used to be user-visible, yes, but I wonder if TFA isn’t a little out-of-date, as the UI flow that used to work in order to see this (settings/icloud/keychain/advanced) isn’t there anymore on Mac or iOS. And random poking around indicates that they didn’t move it.
When one would be prompted to create a new code, the dialog said something about “changes to the servers” or something similar. Now, having read TFA, I wonder if that doesn’t mean an HSM got compromised somehow.
That sounds more like the FileVault recovery key ?