Two-factor identification is a very important option for securing your iCloud account, but, in rare cases, it can get in your way … unless you know a trick.
Simon, a reader, believed himself blocked by two-factor identification when he wanted to locate his iPhone that had just been stolen:
I had my iPhone stolen this weekend in Paris in the metro and I was accompanied by my cousin. The thief was in front of us but no way to prove that he had it in his pocket (he started pretending to receive a call on his own phone, taking away the possibility of talking to him and my iPhone was vibrator). I had the reflex to go to iCloud via my cousin’s iPhone but the two-factor identification blocked me since she asked for the code of my iPhone which was in the thief’s pocket. So the thief left with my iPhone.
If Simon had been accompanied by someone from his Apple family share, he could have used that person’s Locate application to ring or lock his iPhone without needing to identify himself. Another possibility is to use another personal Apple device to which it was already connected, such as an iPad (cellular).
But now, Simon had none of that and therefore could not use the Locate function on another device in an emergency (by the time he got home, it was too late, his iPhone had been turned off and could no longer be located). At least, that’s what he believed before learning, too late, that there is a solution planned for this scenario.
When you log into iCloud.com on a new device, after entering your password, you are confronted with the field in which you must enter the validation code received on one of your usual devices. However, you are not totally blocked here.
Notice the three icons at the bottom of the page: Apple gives quick access to Locate, Apple Pay and Apple Watch Settings. You can access these features without entering the second authentication factor.
After clicking on Locate, you access the function which allows you to geolocate your iPhone and make it ring, lock or erase it if necessary. Simon could have made his iPhone ring using this “quick access” on his cousin’s phone if he had known … The other parts of iCloud.com (Mail, Contacts, Calendar, Photos, etc.) are inaccessible without the second factor.
The adventures do not stop there for our poor Simon. His iPhone gone, he configured it in lost mode with a number to call. A little later, the thief texted this number pretending to be Apple.
The SMS contained a link to a fake iCloud site inviting him to enter the unlock code for his iPhone, a code that would have allowed the thief to use the iPhone as he saw fit if Simon had provided it. This is a very common fraud after thefts.
To sum up, two-factor identification will not get in the way of locating your missing iPhone in an emergency. You just need to know that there is this quick access to Locate (as well as to Apple Pay and Apple Watch Settings) when you connect to iCloud.com. Otherwise, you can go directly to the icloud.com/find page which will not ask you for the second factor.