My first hitch came when I tried to re-install OS X from the recovery partition. It detected that my existing installation was El Capitan, whereas the recovery partition contained Yosemite -- because of this mismatch, it refused to install. Thankfully, I discovered that some forward-thinking person(s) at Apple had built in a web-based recovery option as well. After a while, Yosemite had downloaded and installed successfully onto my Mac -- or so I thought.
When I tried to log in to the App Store in Yosemite, my login details were refused with the less than helpful message "Error description not available". When I tried to log in using iCloud with the same account, I was told that two-factor authentication was enabled, and that I should look at my "other devices" for a code. I have no other OS X or iOS devices, and I had no memory of ever having enabled two-factor authentication, but I could select an SMS text message option as well. This worked fine -- I got a code on my mobile phone and, using that, could log in to iCloud.
I contacted Apple support who walked me through checking some basic settings and so on and told to try logging in to the Apple ID administration site online. The theory was that I would be able to disable two-factor authentication and it would all work fine again. When I went there, I was presented with a somewhat similar request for a code, except the text message option never resulted in any message being received on my phone. We tested this numerous time without success and I was also in touch with two other support technicians at Apple. With two-factor authentication enabled, Apple was not going to be able to help me gain access to my account, even though their server wasn't sending me any text messages when trying to log in to Apple ID (whereas logging in to iCloud was still working fine).
I registered a new Apple ID and used that to gain access to the App Store, accepting that my previous Apple ID might simply be irreversibly lost. However, Apple eventually got in touch with me again, this time a senior support technician, and advised me that if I went this route, I probably would not be able to use services like "Find my Mac" as those would be registered to my original account. In order to fix that, I would have to bring my receipt of purchase and get my Mac serviced at a repair center -- at my cost. While Apple support was always polite and much better than most support experiences I've had before, this greatly annoyed me. I stressed that there's nothing wrong with my computer, but something at Apple's backend prevents me from logging in to either the App Store or the Apple ID administration site, presenting a weird error message in the first case and not sending any SMS code in the second case. The Apple representative was sympathetic, but was going away on holiday. I was told the matter would be escalated further, to an actual Apple engineer who would get in touch with me the following week.
I was never contacted by the engineer, but I decided to try "Find my Mac" with my newly registered Apple account by logging in to the iCloud website. Thankfully, it worked just fine, so the theory that my computer was somehow irrevocably tied to my original account didn't quite seem to add up.
I e-mailed the senior support technician again to understand the situation better and a phonecall was arranged. I was prepared to completely give up on my original iCloud account -- all I wanted to know was whether there was any downside to just using my new one instead (except losing App Store purchases and so on, of which I had few).
The Apple technician confirmed to me that since I could successfully use "Find my Mac", it was clear that my new Apple ID was properly setup on my computer and I could simply ditch the old one. More interestingly, he also offered up a theory on what might have happened. He explained that El Capitan comes with a new two-factor authentication system for Apple IDs, different from the two-factor authentication presently available. He said he thought El Capitan either enabled two-factor authentication automatically upon installation, or made it very easy to accidentally enable it during the sign-in process without realizing it. Because I have no other Apple devices to receive codes on, this setting probably "wrecked" my account. It might be possible to re-gain the original account by re-installing El Capitan and using the two-factor authentication setting there to disable it. I was thrilled to finally get a plausible explanation of what had happened, but tired after investing a lot of time in trying to figure out this problem. I decided to simply let the matter be. I said that while I accept some blame for this problem for trying a pre-release operating system and was prepared to live with various problems while using the new version, I was very annoyed that the El Capitan also seemed to make important changes to my on-line Apple ID that under some circumstances could prevent me from logging in again -- maybe ever -- from other Apple devices or operating system versions. The support technician said he would relay this to the OS development team.
 |
| Apple's e-mail about two-factor authentication |
Afterwards, the senior Apple technician sent me a link to a page explaining the new two-factor authentication in El Capitan and iOS 9. It seemed to me like El Capitan might have automatically enrolled me in this new feature, but failed to let me add a trusted phone number to receive SMS codes on.
Lesson learned: trying new operating systems could affect more than your current computer, tampering with on-line backend systems in unpredictable ways. Be careful out there!
