This article is more than 1 year old

Will someone please buy this guy an Android?

There are plenty of things worth getting really upset about.

Racism. Climate Change. Brexit (regardless of whether you’re pro-Brexit or anti-Brexit, you’re almost certainly feeling very unhappy about how things are going.)

What you shouldn’t be getting upset about is the security that companies like Apple put in place to help prevent your accounts being hacked.

And yet, a man called Jay Brodsky is bringing a class action against Apple in California, complaining that two-factor authentication (2FA) on an iPhone or Mac takes too much time.

In his class action suit, Brodsky alleges:

Apple enabled 2FA on his account without his explicit consent. Which seems very odd, as my experience has been that Apple only offers 2FA on an opt-in basis.

2FA is too inconvenient to actually set up – requiring several steps on several devices.

2FA is just too darn inconvenient to use… because it requires to both remember a password *and* have access to a trusted device. Umm, isn’t this exactly how 2FA is supposed to work? Helping to stop hackers simply needing your password to break into your accounts.

Apple doesn’t let you disable 2FA after it has been enabled for two weeks straight. This appears to be true. It looks like Apple gives you 14 days’ grace to deactivate 2FA if you wish, but after that… you’re 2FA-secured. Of course, this could be argued to be a good thing security-wise.

2FA is required every time an Apple device is turned on. Really? Can’t say I’ve noticed.

2FA takes between two to five minutes to complete. Hmm. When AppleInsider got its stopwatch out, it reckoned the 2FA process took them in total about 22 seconds to complete.

Brodsky goes on to claim that “millions” of Apple users are suffering “harm” and “economic losses” because of the large amount of time that 2FA eats up.

Will someone please buy this guy an Android? Or maybe offer him some free technical support so he can log into his account a wee bit faster?

Hear more discussion on this case in the latest edition of the “Smashing Security” podcast:

Further reading: The man suing Apple over two-factor authentication has ‘previous’.

Read more about two-step verification:

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.