Chapter in this post:
One or the other certainly knows the procedure for two-factor authentication from Apple: You want to take some action that means a deeper intervention in the personal data in the iCloud and Apple verifies this with a code that is sent to another Apple Device that you own.
Such an authentication with a second factor makes sense to ensure that an attacker is not able to log into e-mails or other confidential data areas of the iCloud, for example by intercepting the iCloud password.
In practice, you have to own at least two Apple products. One that you are about to log in with and the other that gives the necessary clearance for this. So the other device is the second factor that is checked to verify the action. One can imagine that it is quite important to know which devices are used here as the second factor.
In my case the list looks like this:
Depending on how often you get a new iPhone or a fresh Mac, this list can be quite extensive and contain devices that you may no longer even have.
If such a "trustworthy device" was stolen or bought second-hand, the new owner - with knowledge of the third-party iCloud login - would theoretically be able to intercept the code from Apple and use it for malicious purposes. Probably the easiest way would be if the villain used it to give himself iTunes credit at the expense of the previous owner. But I am sure that people with criminal creativity have even more effective solutions for getting someone else's money.
For this reason, it is important to check your own list of trusted devices every now and then and to remove iPhones, iPads, Macs or watches that are no longer available from the device list.
Yes, I know ... the attack scenario is relatively unlikely as you would have to have a stranger's Apple device AND your iCloud login information, but if you steal a MacBook and it is not protected by encryption and login, you already have some of the victim's data together, with which you can theoretically continue to try to crack the iCloud login.
If you have several Apple products with the same model name (as in my case two 15-inch MacBook Pros), a click on the picture helps to call up the details such as the serial number. With this you can clearly identify all Apple devices.
In the iCloud settings you can find your own devices as well as phone numbers to which SMS can be sent for authentication.
You usually don't change phone numbers as quickly as the collection of equipment, but here too you should check every now and then whether all the stored numbers are up-to-date.
Jens has been running the blog since 2012. He appears as Sir Apfelot for his readers and helps them with problems of a technical nature. In his free time he drives electric unicycles, takes photos (preferably with his iPhone, of course), climbs around in the Hessian mountains or hikes with the family. His articles deal with Apple products, news from the world of drones or solutions for current bugs.