How do you stop Sequoia's incessant iMessage authentication dialogs?

So here’s an odd one. My wife’s work Mac (14" M1 MBP on the latest Sequoia running nothing but a whole bunch of Microsoft Office shlock) about three times a day throws up an iMessage authentication dialog asking for the password to her personal iMessage account. But here’s the kicker, her work Mac is properly set up to use iCloud with her work Apple ID (an entirely different account) and nothing on that system should use any of her personal iCloud stuff. Finally, she also never used Messages on that work Mac (I don’t think on her private Mac either) so that when you launch the app, it first doesn’t do anythign at all except ask for authentication. And indeed iCloud settings shows Messages off. So what in the world is triggering these auth dialogs from the background?

More importantly, how does she, in spite of already having shut off Messages (or rather never having turned it on), get it to stop nagging her about authenticating to a) a service she has no intention of using and b) even if she did, it would be used with another iCloud account entirely.

I don’t use iMessage via iCloud, and on my Macs I have never used the Messages app either, but I also have never seen the auth dialogs she keeps getting. I realize her work Mac has corporate profiles and they might mess with her system in some ways, but that would still not explain why iMessage (that her Windows-centric company does not use) should want to be authenticated with her personal iCloud account of which her employer and their IT dept should know nothing.

I suspect that’s the culprit. Has she contacted her work IT to ask about this?

How about authenticating with her work AppleId, letting it get set-up, and then signing out?

Dave

P.S. I’ve only gotten those authentication requests a couple of times in a decade usually after a major system update.

Rather than puzzle out which app or setting js triggering Messages in this way, perhaps the answer is to delete Messages.app entirely, as it sounds like she can’t use it anyway.

You can’t do that anymore. Messages, like most default macOS apps, is part of the SSV.

I have found with my personal iCloud (that I use both at work and at home) that there is some iCloud token that gets screwed up. I need to sign out and sign back into iCloud to get the authentication requests to stop. Not sure if this is what is happening here.

So does your wife just dismiss the authentication prompt, or does she attempt to authenticate?

She dismisses it. And so far I’m not sure I want to advise her to do anything else.

You see, this is a work laptop. It has never been in contact with her personal iCloud stuff. I don’t understand how it can even ask for her personal iCloud password, when it should know nothing about that at all.

I hesitate to instruct her to authenticate with her personal password on a system owned and controlled by her employer. I can tell her to try to authenticate using her work iCloud password, but since the authentication dialog specifically asks for the password to the iCloud account her_personal_email@icloud.com (that address actually shows up in the dialog), I doubt that will work. And I’ve confirmed myself her work iCloud account (to which her work Mac is indeed signed up) uses another email address and other credentials than she uses on for her personal iCloud account and personal Mac.

Yikes! Don’t go there! Time to talk to the IT folks.

Dave

There was someone earlier who said they would sign out, then sign back in. You could sign out and then sign back in still using the work iCloud credentials and see if cleans something up.

Also, is there any way that iCloud knows she has more than one account, maybe at one point she used her personal computer to log into the work iCloud?

After that, I would definitely talk to the IT folks, maybe they have seen this already

The sign in for Messages is in the Message Settings. She could make sure Messages is signed out, then sign in with her work Apple ID and password.

How about a total guess? Since she never signed into Messages on her work computer, perhaps she once did some sort of continuity / iPhone mirror / other Apple trick with her phone. Her computer, seeing that she was signed into to her personal Messages account on her phone thought, “Hey, she probably wants to be singed into that account on her computer”. Total wild guess on my part. Singing messages in on her Work appleID may stop the prompts.

I had that thought, too. FaceTime, etc.

In a perfect world, I’d say just give the laptop to the employer’s IT staff, and let them figure it out.

If they are the kind of place that is very Windows centric and does not support Apple devices well, though, it may be worth trying some more direct action.

Some things to keep in mind:

You can be signed into Messages locally without being signed into Messages in iCloud. Is she able to open Messages and get to the Preferences > iMessage pane, or does it ask her to sign in first? If you can get to the Preferences > iMessage pane, then you are signed into some account somehow and will be able to disconnect accounts and sign out from that screen. If you can’t, then that’s fine. Quit Messages.

Assuming that she has no work messages in the Messages app, it should be safe to try to remove the Messages app’s settings files, data files, and other support files. (Double check that Messages in iCloud is disabled first.) One of the AIs gave the following instructions, which sound right, though I don’t know if thety are comprehensive. I’d look around for other iChat/imessage files:

• Open Finder.
• Go to Go > Go to Folder (or press Shift-Command-G).
• Enter ~/Library/Preferences/ and press Return.
• Delete the following files (or move them to a backup location if you prefer):
  • com.apple.iChat.plist
  • com.apple.iChat.Jabber.plist
  • com.apple.imessage.plist
  • com.apple.imessage.bag.plist
• Also, navigate to ~/Library/Messages/ and delete the contents of this folder.
• Important: Empty your Trash/Bin after deleting the files.
• Restart your Mac.

You might also open the Keychain Access app and look for anything related to your wife’s personal iCloud credentials or phone.

If that doesn’t work, I’d be tempted to ask the IT support group to reimage the Mac.

Yeah, I’d feel the same way. It’s a logical thing to try (give it what it wants), but it would all depend on how you feel about the authenticity of the prompt, and the security of her company’s network.

Thank you, all. Good suggestions and thoughts.

I should have mentioned this at the start, her IT dept is a bunch of Windows blowhards who are not about to do Jack to be useful if she comes along with her Mac. The only reason she ever got a Mac is because her boss is the no.2 big cheese at the company who demanded his folks get whatever they need for their work (there’s a lot of designers in that area). But the Windows diehards in IT waste no opportunity to show their disdain for anything not from Redmond (my wife’s Linux buddy is off even worse). I bet those IT guys are a hoot at cocktail parties. That said, she has so far been able to support herself well along with her Mac colleagues. These are Macs after all.

Anyway, that’s why I felt I needed to try to help her figure this out on her own. Otherwise, it would have certainly been in IT’s court.

In the meantime I guess she lost patience with my inconclusive pondering and apparently yesterday went ahead and punched in her personal iCloud password. What followed was 2nd device auth (her iPhone) and then nothing. Apparently her work Mac stalled out on that and she just nuked Settings (she made it sound like Settings had come up, hmmm). And just kept on working.

Bottom line, nothing came out of it and she now hopes that will be the end of it. From her mouth to God’s ear.

If not, I plan to try two things:

1. Launch Messages (no access to its prefs since she’s not logged on to Messages yet on her work Mac). Then authenticate with her work iCloud. Check out what’s going on in there and its prefs. There should be nothing because she swears she’s never used it on her work Mac, which I fully believe because she’s never used it on her personal Mac either (like myself). Then shut off Messages on her work Mac entirely (de-auth). Hopefully that won’t once again trigger auth later. (And if it does, perhaps just keep Messages logged on without use?)
2. Delete all prefs related to Messages as per @josehill’s nice compilation above (thank you, Sir). Trust that this could remove whatever is triggering this incessant auth.

I feel that it probably makes sense to try those two things in that order, too.

Thank you to everybody who chimed in. It’s not everyday so many great ideas come in for some annoying little detail.

Makes me glad I’m out most of all this anymore. Sigh. Push notifications are evil.

Well, the whole story got a whole lot weirder. And there’s even two separate parts to all the weirdness, actually. Bear with me if you dare.

Weirdness 1) I tried Launching her work Messages app. My wife signed on using her work iCloud credentials. Messages then showed a bunch of old threads (from 2023) from her personal iPhone. Note, she doesn’t use iCloud for Messages, keeping all her personal iMessage content exclusive to her iPhone. Yet upon logging in with her WORK iCloud, she’s shown a whole bunch of old stuff associated with a personal iPhone that doesn’t even use iCloud for Messages. And even if it did, it would be using her PERSONAL iCloud. That was a severe Whisky Tango Foxtrot moment. And she was shocked to find personal conversations on her work computer.

We promptly deleted all those threads immediately (and then force deleted them from Deleted Messages) and logged her back out of Messages. In a future step I’ll also be deleting all those Messages prefs as per @josehill.

The only explanation I have for any of this is related to her personal phone number. That is the only link I’m aware of between her work Mac and her personal iPhone. She supplied her personal phone number to iCloud as an alternate contact method (2FA?) for her work iCloud account seeing as she doesn’t have a work phone no. The second ingredient is that she might have at some point tested on her personal iCloud account syncing Messages over iCloud. Perhaps in 2023. That would explain how iCloud got ahold of an old snapshot of her iPhone’s local Messages threads. What I still cannot for the life of me figure out is how that could sync down from her personal iCloud to Messages on her work Mac when said work Mac is connected to her work iCloud. As I said, the only thing Apple has that could link those two completely separate iCloud accounts is that the phone no. associated with one, is a backup contact method for the other. But why should that allow cross-pollination here? I’m at a loss and needless to say, my wife who was cloud skeptical before is now full blown 100% anti cloud anything. Seeing her personal stuff show up on her work Mac shocked her and I don’t blame her. She’s even wondered if she should switch her work computer from a Mac to a PC just to enforce more of a firewall between her personal stuff and her work stuff.

Weirdness 2) At some point during all these shenanigans, macOS on her work Mac threw up a warning about some apps not being able to sync through iCloud because she wasn’t fully signed on. There was even a little warning about that at the top left of Settings. That message was a bit odd because to her knowledge nothing should be syncing across iCloud anyway on her work Mac (and I verified the only iCloud service she had switched on was Find My Mac, also her iCloud was showing 0 KB out of 5 GB used), but we figured we might as well re-authenticate anyway just to get rid of that warning badge at the top of Settings’ left hand pane.

So she clicked on the warning at the top of Settings and that prompted a dialog asking her to authenticate. So she enters her work iCloud password as prompted. That threw up another dialog (one of the newer style dialogs with narrow width that look like iOS dialogs rather than classic wide aspect ratio Mac dialogs), telling her that her Mac would need to authenticate with iCloud so that it could access encrypted iCloud data. It even said she should supply the password to “unlock” Sue’s MacBook Pro which is the name of her work Mac (it’s not really Sue, but that doesn’t matter here). So she enters her login password for her work Mac as promted. That then spawned another dialog. This time a more old-fashioned Mac dialog with a wide aspect ratio telling her that in order to enable access to encrypted iCloud app data, she would have to supply the password for her “other MacBook Pro”. But the kicker here is that she has only one MacBook Pro and she entered the login password to that correctly. There is no “other” Mac attached to that account. It also couldn’t be her personal Mac (which would be connected to another iCloud anyway) because that’s a MacBook Air, not a Pro. Anyway, at a complete loss for what the heck she was supposed to do here, she just entered her work MBP’s login password into this second dialog and that returned that it was the wrong password. ??? There was also a link for “Forgot my password” and that essentially just led to a dialog saying iCloud would continue to work but her MBP wouldn’t have access to all encrypted sync data. When she dismissed that, the little warning at the top left of Settings just showed back up again. We repeated the whole sequence one more time, but of course it didn’t work any different and the outcome was exactly the same.

I have no idea what all that was about. I just know that these dialogs and the way Apple describes which password from what device it wants is absolutely bonkers. Nobody who’s not a complete geek or nerd will ever make heads or tails out of all that. And considering this is exactly how people get lost and confused and ultimately tricked into supplying their credentials to nefarious parties, all I can say is shame on you, Apple. What a gross mess.

Apologies for an epic novel of meaningless oddity. My condolences if you actually made it all this way.

I do, and did. And I’m dismayed.

I have the impression that it has improved recently, and you are still correct. (And it’s not just device, but account. “Enter the password you use to login to MacWhatever” but no indication of what account. In particular, at some point, the authentication process wanted the admin account password rather than my account password. Bah.)

My condolences to you and your wife.

I feel like one of Job’s “friends” and say it sounds like something happened in 2023 that started this whole mess. Did you happen to get the last date/timestamp of the personal message before you deleted it? It is very had to construct what you were doing two years ago.
Also, don’t forget it is not just the main Apple apps (mail, notes, find my, etc.) that use iCloud to sync data. It is also PDF Expert, TurboScan, BBEdit, Pixelmator, Graphic, etc. that use iCloud encrypted data to share stuff. One of them may also be causing pixy fairies to dance on your SSD.

New macOS versions have a system prefs item called Internet Accounts. IF that shows two separate iCloud accounts (Work and Personal, for instance), then she should be able to disable Messages for the Personal account. Something similar may be going on with the phone.

I did some family sharing of apps with my wife, until she started needing to authenticate periodically with my iCloud credentials. Turns out she didn’t really need those apps after all…

Absolutely.

But this is her work Mac. On that she runs very little Apple stuff and a whole bunch of MS Office shlock that relies entirely on OneDrive. Nothing else.

If something is syncing to iCloud, it’s got to be Apple’s stuff. I’d be very surprised to learn that with everything but Find My Mac turned off, there is still other Apple stuff syncing to iCloud.