That was a great explanation eccparis, thank you for sharing that here, with illustration. Please explain though what you mean by “map”, can’t place that abbreviation.
Aside from that question, I understand everything you explained, but could you clarify this:
Is your iPad a trusted device for several Apple IDs at the same time? Or is it just for your dad, so you can help him? @ddmillercommented that if you wanted to use your device as a trusted device for more than one Apple ID, you you would have to switch between them, logging out and in, which is also what I would think. That would be too cumbersome I’m afraid.
There is no need to log the iPhone out of the primary Apple ID account. My experience is that a device can be logged into additional iCloud accounts, and become a trusted device for those accounts. My iPhone is trusted for 3 different Apple ID’s.
Sign into the additional Apple ID’s, i.e., Mom’s account, in the Mail settings. You can then enable Mail, Contacts, Calendars, and/or Reminders. Once trusted, you can turn them all off if desired.
Right, if it’s an iCloud account. If the Apple ID uses a non-iCloud (or me.com or mac.com) address, you need to log in to the Apple ID in settings / Apple ID (the top setting), and that can only be logged in to one Apple ID at a time. (Which is what I thought I said above.)
It’s all pretty complicated, especially AppleIDs, even for an Apple nerd like me. But this is all very interesting for me (and my nerdyness) and much will be useful.
My mother’s AppleID has two email addresses associated with it. Her primary, non Apple email address, and her iCloud address. I realised this when I discovered that the contents in her iCloud.com were identical no matter which email address was used to log in.
So I presume I could make her iCloud email address primary, and exchange the current non-Apple email for some other email (as a backup). We will probably want to have her stop using the current non-Apple email anyway because of the fraud.
So, I’ve gotten a lot of really good advice and feedback, but I don’t think I’ve actually gotten an answer to this question. Probably in part because its hard to see the whole picture so it’s hard to formulate the question correctly.
Perhaps if I phrase it like this:
Does Mom’s iPhone have to be a “trusted device” in order for it to be connected to her iCloud account? Does it have to be trusted for example in order for Photos to synch with her iCloud Photos and in order for the Files app to connect to her iCloud Drive files?
Yes, that’s perfect. If your brother (or you) connect to the iCloud email address, the phone will start getting the 2FA prompts if anyone tries to log in to the Apple ID. There would be no need for your brother (or you) to log out of their own Apple ID and then log in with hers - a phone that connects to the iCloud email address should start getting the prompts.
Ok, thanks so much. It was as expected then. I consider that to be a real weakness in the AppleID ecosystem in this particular situation, where you want a person with diminished cognitive ability to be able to access her account and iCloud information, without being able to approve 2fa requests.
Yes, but then might the reverse not actually allow other untrusted devices to access her Apple ID and iCloud services???
Come to think of it, I’ve a feeling that the powers that be at Apple would or should be able to come up with a proper solution for such situations. After all, you and I as well as several others who have posted on this thread cannot be the only people on the planet dealing with this!
Time to contact Tim Cook? (I almost typed Steve Jobs…)