Skip to content

Multi-Factor Authentication

Multiple phone numbers for Apple 2FA

If you are not already aware you can add multiple numbers to 2FA on the Apple ID - just go into Settings → tap name of AppleID at top → Password and Security

Within that section where it lists the trusted number you can edit and then Add another number - I would add the new Owner’s personal mobile, a fixed landline that will not change and (with the owner’s permission) your contact number if you are going to be supporting these devices. That way you have multiple options for receiving a 2FA code going forward. community.spiceworks.com

MFA recovery for heirs

A few proposed solutions:

  • Add a backup phone for SMS 2FA. This option varies across sites however, so might not completely cover the need. (Also what happens if, say, backup is spouse and we go down on the same plane? Or if I want to change the backup phone.)
  • Stop using phone-based 2FA; switch to Yubikey (though: problem with physical access; adoption) or backup email (though this raises the recursive issue -- how to authenticate to the backup email provider?)
  • Get a survivor to spoof me to AT&T, ask to port the number to a new phone (SIM card), receive SMS on that. Not sure if this is even allowed; they would also need authentication information (AT&T pwd) to get this done
  • Switch to a Google Voice number for texts. I haven't dug in here -- how easy is it for an heir to take over a GV number?
  • Partition online accounts into those which should be handed over via a legal process post mortem (which likely includes most financial accounts) and those which need less security. Set up (and document in the deathbook!) instructions for dealing with the former; turn off 2FA for the latter. bogleheads.org