iCloud Keychain Verification Codes

RSS for tag

Use verification codes that are integrated with iCloud Keychain.

Posts under iCloud Keychain Verification Codes tag

11 Posts
Sort by:

Post

Replies

Boosts

Views

Activity

Is there a way to hide the 'Save to another device' option during iOS WebAuthn registration?
Hello, I am currently implementing a biometric authentication registration flow using WebAuthn. I am using ASAuthorizationPlatformPublicKeyCredentialRegistrationRequest, and I would like to know if there is a way to hide the "Save to another device" option that appears during the registration process. Specifically, I want to guide users to save the passkey only locally on their device, without prompting them to save it to iCloud Keychain or another device. If there is a way to hide this option or if there is a recommended approach to achieve this, I would greatly appreciate your guidance. Also, if this is not possible due to iOS version or API limitations, I would be grateful if you could share any best practices for limiting user options in this scenario. If anyone has experienced a similar issue, your advice would be very helpful. Thank you in advance.
0
0
211
2w
How to utilize each field of WebAuthn Options for implementation on iOS?
Hello, I am currently working on implementing credential registration for biometric authentication using WebAuthn in an iOS app. I am using ASAuthorizationPlatformPublicKeyCredentialProvider to create a credential registration request based on the data retrieved from the WebAuthn options endpoint. At the moment, I am only using user.id, user.name, and challenge from the options response, and I am unsure how to utilize the other fields effectively. I would greatly appreciate advice on how to use the following fields: **Fields I would like to use: ** rp (Relying Party) I am retrieving id and name, but I am not sure how best to pass and utilize these fields. Is there an explicit way to use them? authenticatorSelection How can I set requireResidentKey and userVerification in ASAuthorizationPlatformPublicKeyCredentialRegistrationRequest? Also, what are the specific benefits of using these fields? timeout Is there a way to reflect the timeout value in the credential registration request, and what would be the best way to handle this information in iOS? attestation The attestation field can contain values such as none or direct. How should I reflect this in the credential registration request for iOS? I would appreciate a sample implementation or guidance on the benefits of setting this field. extensions If I want to customize the authentication flow using the extensions field, how can I appropriately reflect this in iOS? For instance, how can I utilize extensions like credProps? pubKeyCredParams Regarding pubKeyCredParams, which is a list of supported public key algorithms, I am unsure how to use it to select an appropriate algorithm in iOS. How should I incorporate this information into the request? excludeCredentials I understand that setting excludeCredentials can prevent duplicate registration, but I am not sure how to use past credential information to set it effectively. Any advice on this would be appreciated. **Current Code ** Currently, I have implemented the following code, but I am struggling to understand how to add and configure the fields mentioned above. let publicKeyCredentialProvider = ASAuthorizationPlatformPublicKeyCredentialProvider( relyingPartyIdentifier: "www.example.com" ) let registrationRequest = publicKeyCredentialProvider.createCredentialRegistrationRequest( challenge: challenge, name: userId, userID: userIdData ) let authController = ASAuthorizationController(authorizationRequests: [registrationRequest]) authController.delegate = self authController.presentationContextProvider = self authController.performRequests() In addition to the above code, I would be grateful if anyone could advise on how to configure fields like rp, authenticatorSelection, attestation, extensions, and pubKeyCredParams as well. Furthermore, I would appreciate any insights into the benefits of setting each of these fields in iOS, and any security considerations to be aware of. If anyone has experience with this, your guidance would be extremely helpful. Thank you very much in advance!
1
0
155
2w
FB15286954: Loss of 2FA verification codes
Hello, I'll describe an issue I just reported as FB15286954, hoping to see your thoughts on it / what might've gone wrong. Earlier today, I created an account for a website on my iPhone running the release version of iOS 18.0 using Safari, then added 2FA via the Passwords app. I logged in, checked that it works, then closed Safari and did something else (not much on my phone). In the meantime the phone shut down due to low battery. When I charge it again, and open the Passwords app, I come to find out that the verification codes for this website are gone… What could've gone wrong? I was prompted by the website to save a code to check that 2FA was properly configured, so I think I saved it properly in the app (by the way, the password was still there, properly saved). I assume there was a syncing error between iCloud and my iPhone due to low battery? Is there any way to recover the verification codes? I'll try to reclaim the account through the website's support channels, but I'm wondering if I could still retrieve it somehow.
1
0
292
Sep ’24
error sharing url on cloudkit share
I'm studying sharing through this link. I followed the first steps by changing the bundle identifier of the project, the tests and placing my own container in the config and in the info.plist. https://github.com/apple/sample-cloudkit-zonesharing The app appears and in the log it appears that it has managed to access my iCloud, but when I click on share and share something, the following message appears in the console, on the simulator and on the iPhone: "No options were found, providing default value for access type" "No options were found, providing default values ​​for permissions" "connection invalidated" And finally, when I click on the shared link, the following message appears: "Item unavailable The owner stopped sharing, or you don't have permission to open it."
0
0
257
Sep ’24
Unable to export App via Jenkins pipeline
Hi Team, Exporting the archive through the Jenkins pipeline (executing commands on a Mac EC2 instance as a Jenkins agent) isn't working, while exporting directly from the Mac terminal successfully generates the IPA file. What might be the cause? When we execute it on directly Mac terminal, it asks Keychain password first time & after that it automatically generates IPA file. Note : We are using below working command to open keychain access. security unlock-keychain -p "my_password" /Users/ec2-user/Library/Keychains/login.keychain-db Export command : xcodebuild -exportArchive -archivePath $PWD/build/Archive/MyApp.xcarchive -exportPath $PWD/build/IPA -exportOptionsPlist ../../Dev_exportOptions.plist -allowProvisioningUpdates Current details: Node version : node-v18.17.0-darwin-arm64 Npm version : 9.6.7 Ionic version : 5.2.6 Xcode version : 15.4 Macos : Sonoma 14.6.1
0
0
204
Sep ’24
The scammers are able to emulate Macbook M1/M2/M3 devices and steal access via lock to icloud
I am a simple mac seller ,i buy broken laptops from people and repair them to sell so one day one my customer asked to show him video of 4 my laptops after he got only video all became iCloud LOCK Summary - my case numbers are 102302104385 + Case Number: 102309395011 my story is simple the customer asked me about video of the Macbook , because as he told me  , he was need a confirmation about how are laptops are looks like   i do not see any suspicious action here  , customer just want me to show him the laptop like online   So i did it - just send him video - and that is all  then he asked to send video about 3 more Macbooks after it he asked me to Use Erase All Content and Settings so i was sure that there will be no problem  - because i just replaced the motherboard    two weeks ago - so what can be wrong    so when i did it - the Macbook asked if the apple server let him activation  and it was refused   Somehow person who get the video about laptop did a copy of a signal that apple laptop send to apple activation server  and connected  it to his apple id  and after it enabled FMI FMD  - but all time my laptops was turned off But i have video confirmation in my cases that all laptops are without any Apple Id and have new and fresh mac os so after it i was not able to pass the activation because i was scammed and unknown person connected 4 my laptops to unknown account , so after that i was not able to pass the activation  so in fact they are all bricked now   he asked me to pay 1000 $ i told apple about it and they  answer me that it is just my fairy tail and it is not possible   i told them that there is a hole in security and identification of apple devices during enabling FMI FMD  but as i see they do not care - i think it must about 100 same cases  or 1000 - maybe after it they will take care about it  so now i wonder if there any more victims who have the same problem  ? or check here at youtube ServisTT also i and apple support did full apple diagnostic about all devices - i want apple to compare mac addresses and other mac information with the signal that was emulated with the scammer to prove my words - because the scammer was at different location and his emulation device or software was different between my original one macbook Steps to reproduce https://www.youtube.com/watch?v=58AgEcZvrYg&t=98s or check here at youtube ServisTT Expected results i want apple to compare mac addresses and other mac information with the signal that was emulated with the scammer to prove my words - because the scammer was at different location and his emulation device was different between my original one also if you find out that he used Hardware UUID - so why not to mask it or hide or make enable to see only with the password 
 Actual results NO ONE TRUST ME AND NO ONE WANT TO HELP ME
0
0
669
May ’24
Apple cloud storage issue after 17.4.1 IOS upgrade
Hello Everyone, This is regarding recent upgrade issue on my iPhone. I am still struggling to get access to my iCloud storage data for iMessages, Notes with password, Health related stats, etc. I would like to explain chronology of the entire event. There was a recent IOS 17.4.1 update came on April 07th, 2024. I clicked on the update but nothing happened then suddenly my phone passcode wasn’t working. I restarted my phone then the phone was not even accepting my face id. I went to the Apple store. Apple support team have requested me to reset (erase entire data) iPhone which I had already done on next day. I had no others options actually. My phone passcode was not working in reality due to iso update because I haven’t changed my passcode since more than a year. It is also not due to iPhone screen issue which apple team was saying to me initially. Unfortunately, my Apple ID credentials wasn’t working after phone reset so I had to put my Apple ID on recovery mode which took almost 15days to recover even though process is automated as per apple support team which they can’t reduce it. I understand that they are doing for privacy reason but who wants such privacy when even owner can’t access his own account for 15days. I offered them to verify my personal details such as email ID, phone number, passport number and any other details which they can use to expedite the process but they didn’t help on this. At end of the recovery (after 15days), they used same details i.e. my email ID and SMS on my registered number to verify. I don’t understand their logic but if they can take 2-3 business working days for same process then it makes sense to wait rather than 15days. After I regained access to my apple id, I have restored everything using my iCloud storage. I observed that few applications such as contacts, WhatsApp, etc. are restored properly but some of the applications such as iMessage, Notes (specifically locked notes), health data were not restored. iMessage are not synchronizing with iCloud storage when I tried to do it manually too in setting >> apple id>> iCloud >> show all >> messages in iCloud >> sync now. Nothing happens after clicking on it. Locked notes are still showing an error message “Can’t view Note. ‘This note can’t be viewed because encryption key wasn’t found in iCloud keychain. Resetting your end-to-end encrypted data can cause this’”. I have never used custom password to lock note instead I was using Face ID earlier to lock or unlock some of notes. All these things are happening because it is asking for old iPhone passcode to connect with iCloud storage while resetting my iPhone. I am trying to enter all the previous passcodes. a. When I entered correct passcode, then there is no error but still applications are not synchronizing with iCloud storage. b. When I enter incorrect passcodes (multiple passcodes but one at a time) then it gives an error “Verification failed”. It means it is detecting correct passcode as per above point. There is some issue with passcode synchronization with iCloud storage. I have opened a case with apple support team but meanwhile If any one of you had faced similar problem, then kindly suggest ways to me so I will regain access to some important personal information which are present in my iCloud storage. I would like to inform everyone that don’t rely completely on single brand or product. Take multiple backups may be on personal laptops, SSDs, etc. I learnt a lesson that even apple products, software & services are not reliable so think before buying costly products just for sake of brand name.
1
0
939
Apr ’24
Не приходят проверочный код с Alibaba.com
Добрый день! Я создал аккаунт на Alibaba.com с помощью AppleID, при регистрации был выдан подменный адрес почты @privaterelay.appleid.com, при попытке подтвердить почту, письма не пересылаются на мою основную почту.
1
0
694
Feb ’24