That was a great explanation eccparis, thank you for sharing that here, with illustration. Please explain though what you mean by “map”, can’t place that abbreviation.
Aside from that question, I understand everything you explained, but could you clarify this:
Is your iPad a trusted device for several Apple IDs at the same time? Or is it just for your dad, so you can help him? @ddmillercommented that if you wanted to use your device as a trusted device for more than one Apple ID, you you would have to switch between them, logging out and in, which is also what I would think. That would be too cumbersome I’m afraid.
You just need to do it one time to make it a trusted device for that Apple ID. It doesn’t need to be actively logged in to your Mom’s account - just once.
There is no need to log the iPhone out of the primary Apple ID account. My experience is that a device can be logged into additional iCloud accounts, and become a trusted device for those accounts. My iPhone is trusted for 3 different Apple ID’s.
Sign into the additional Apple ID’s, i.e., Mom’s account, in the Mail settings. You can then enable Mail, Contacts, Calendars, and/or Reminders. Once trusted, you can turn them all off if desired.
That’s it exactly! My 11-inch iPad Pro is a trusted device not only for my own Apple ID, but also those of my mom and my dad. All I did was signing into their (iCloud) mail accounts and voilà !
Right, if it’s an iCloud account. If the Apple ID uses a non-iCloud (or me.com or mac.com) address, you need to log in to the Apple ID in settings / Apple ID (the top setting), and that can only be logged in to one Apple ID at a time. (Which is what I thought I said above.)
Yes non-iCloud/me/mac.com email addresses as Apple ID would be problematic in this scheme. BUT… how about changing the email of the Apple ID to a new iCloud email? (Just a wild guess…)
Seems feasible according to this article:
Alas with one important caveat:
“If you try to change your Apple ID to an @icloud.com email address that was created within the last 30 days, you will be asked to try again later.”
(Sorry, Owen, this is probably more trouble than you and your brother are up for…)
It’s all pretty complicated, especially AppleIDs, even for an Apple nerd like me. But this is all very interesting for me (and my nerdyness) and much will be useful.
My mother’s AppleID has two email addresses associated with it. Her primary, non Apple email address, and her iCloud address. I realised this when I discovered that the contents in her iCloud.com were identical no matter which email address was used to log in.
So I presume I could make her iCloud email address primary, and exchange the current non-Apple email for some other email (as a backup). We will probably want to have her stop using the current non-Apple email anyway because of the fraud.
So, I’ve gotten a lot of really good advice and feedback, but I don’t think I’ve actually gotten an answer to this question. Probably in part because its hard to see the whole picture so it’s hard to formulate the question correctly.
Perhaps if I phrase it like this:
Does Mom’s iPhone have to be a “trusted device” in order for it to be connected to her iCloud account? Does it have to be trusted for example in order for Photos to synch with her iCloud Photos and in order for the Files app to connect to her iCloud Drive files?
Yes, that’s perfect. If your brother (or you) connect to the iCloud email address, the phone will start getting the 2FA prompts if anyone tries to log in to the Apple ID. There would be no need for your brother (or you) to log out of their own Apple ID and then log in with hers - a phone that connects to the iCloud email address should start getting the prompts.
Shot in the dark here, and apologies if I missed this above, but would putting her iPhone under parental controls result in removing it from the 2FA notifications?
Ok, thanks so much. It was as expected then. I consider that to be a real weakness in the AppleID ecosystem in this particular situation, where you want a person with diminished cognitive ability to be able to access her account and iCloud information, without being able to approve 2fa requests.
Yes, but then might the reverse not actually allow other untrusted devices to access her Apple ID and iCloud services???
Come to think of it, I’ve a feeling that the powers that be at Apple would or should be able to come up with a proper solution for such situations. After all, you and I as well as several others who have posted on this thread cannot be the only people on the planet dealing with this!
Time to contact Tim Cook? (I almost typed Steve Jobs…)
