Apple hit with two-factor lawsuit alleging 2FA is too disruptive

Apple are facing legal trouble again, after a class action lawsuit has been filed  alleging the California-based tech giant’s two-factor authentication takes too long and is disruptive to users.

The suit has been filed by Jay Brodsky in California, and claims that  the two-factor authentication doesn’t get user consent before enabling, and then it “imposes an extraneous logging in procedure that requires a user to both remember password and have access to a trusted device or trusted phone number” to use a device when 2FA is enabled.

It seems like a somewhat frivolous lawsuit, but could have wide-ranged effects on the technology industry if it’s successful. However, it’s hard to take the concerns seriously when someone is firing up a lawsuit to complain about having to remember a password.

The paperwork around this file alleges that harm is being done as a result of the 2FA, and that it was added via a software update in or around September 2015. The paperwork also suggests that harm is being done as potential class members “have been and continue to suffer harm” as a result of Apple’s 2FA.

It also suggests that several members may have  suffered economic damage due to the time they’ve spent unlocking their phones using 2FA, which is nearly incredulous enough to make this staffer laugh out loud, although no doubt is a serious concern that should be treated very seriously indeed. Especially as the process supposedly takes between two and five minutes to complete, even single time.

“First, Plaintiff has to enter his selected password on the device he is interested in logging in,” says the suit. “Second, Plaintiff has to enter password on another trusted device to login. Third, optionally, Plaintiff has to select a Trust or Don’t Trust pop-up message response. Fourth, Plaintiff then has to wait to receive a six-digit verification code on that second device that is sent by an Apple Server on the internet. Finally, Plaintiff has to input the received six-digit verification code on the first device he is trying to log into. Each login process takes an additional estimated 2-5 or more minutes with 2FA.”

You can see the full filing here.

It’s not our place to comment on any legal proceedings, but we’ve got a couple of Apple users here in the office, and we struggled to get a two-factor auth warning to pop up in the first place. However, after we did, team Trusted managed to finish their 2FA log-ins in around 30 seconds each.

Using Apple’s 2FA? Struggling with how long it takes? Let us know your thoughts on Twitter at @TrustedReviews

Unlike other sites, we thoroughly review everything we recommend, using industry standard tests to evaluate products. We’ll always tell you what we find. We may get a commission if you buy via our price links. Tell us what you think – email the Editor