u/2DPixelKnight

Apple accounts use SMS as 2FA (Apple devices are the default second factor, but SMS is always a fallback option).

Going through the official documentation, it seems like SMS can also be used to reset the Apple account password (either using another Apple device or through a website): https://support.apple.com/en-us/102656

This gives the impression that if someone knows your Apple account email (without actually having access to said email) and your phone number, they could hack you by targeting your SMS. Going through the process laid out in the documentation, they could reset your password and gain access to your account.

Obviously, Apple's security cannot be this bad, so what am I misunderstanding? Anyone knowledgeable on this topic?

u/2DPixelKnight — 11 days ago