Why does Apple’s two-factor sign-in think you’re hundreds of miles away?

Why does Apple’s two-factor sign-in think you’re hundreds of miles away? | Macworld

<!– –>


Apple’s 2FA doesn’t use GPS, which results in locations that aren’t exactly where you are.


try {
threshold : 0, // You can set threshold on how close to the edge ad should come before it is loaded. Default is 0 (when it is visible).
forceLoad : false, // Ad is loaded even if not visible. Default is false.
onLoad : false, // Callback function on call ad loading
onComplete : false, // Callback function when load is loaded
timeout : 1500, // Timeout ad load
debug : false, // For debug use : draw colors border depends on load status
xray : false // For debug use : display a complete page view with ad placements
}) ;
catch (exception){
console.log(“error loading lazyload_ad ” + exception);

Apple’s two-factor authentication (2FA) is a boon for anyone who wants to be sure that even if their Apple ID or iCloud password were stolen or found out, an intruder would still need a piece of equipment associated with the account to complete the login. These trusted phone numbers and trusted devices offer good deterrence.

When you log in to an iCloud account, the Apple ID site, or an Apple app that gives you account access or lets you make purchases, you’re prompted on a trusted device if you haven’t been challenged in a while at the software location at which you’re logging in. It’s in two parts: first, iOS and macOS show a tiny map and Don’t Allow and Allow buttons. If you tap or click Allow, you then get a six-digit code you can enter to complete the login.

mac911 2fa trusted login map IDG

This map rarely pinpoints where you’re at.

Macworld reader Sam wondered why that tiny map doesn’t show their current location. They describe it as “far away.” For me, I often get a map centered on a city a good 50 miles away, and sometimes even farther. Why is that?

Apple says in its documentation that it uses the “IP address” of the requesting device, not location services (like GPS, cell-tower positioning, and Wi-Fi positioning). The internet protocol (IP) address defines a location on the internet in terms of how a device is reached through routers, not a physical one.

Starting in the late 1990s, companies began compiling “geolocation” databases of IP addresses, and Apple likely has its own. These rely on information that internet service providers disclose in the domain names they reveal. You’ll sometimes see a city and state name in a fully qualified domain name, like adsl12321.seattle.wa.us.ispname.net. Other times, ISPs use techniques to block identification by assigning IP addresses from an internal pool it largely disconnected from geography. I assume my ISP, CenturyLink, has a big presence in Tacoma, Wash., and that’s why my map typically shows that city at the center.

If you’re using a virtual private network (VPN) or an ISP that engages in more obscurity for your privacy, the city shown could be very far away—even in another country. But you’ll know the timing: if you get a popup and you haven’t triggered it from a login, click or tap Don’t Allow and consider changing your password for that Apple ID or iCloud account ight away.

Ask Mac 911

We’ve compiled a list of the questions we get asked most frequently along with answers and links to columns: read our super FAQ to see if your question is covered. If not, we’re always looking for new problems to solve! Email yours to mac911@macworld.com including screen captures as appropriate, and whether you want your full name used. Every question won’t be answered, we don’t reply to email, and we cannot provide direct troubleshooting advice.

Source link

Content Disclaimer 

This Content is Generated from RSS Feeds, if your content is featured and you would like to be removed, please Contact Us With your website address and name of site you wish to be removed from.


You can control what content is distributed in your RSS Feed by using your Website Editor.

Tech Shop Offers

About Us