[test1235]

>Push notifications for the token to all your devices instantly

... including non-Apple devices.

I've been faffing with this for the past few days - I had to reformat and reinstall OSX on my rather old MBA (2013), and I didn't notice at first, but it only restored Mavericks (was previously Mojave).

As my only Apple device, I was SOL when it asked me enter my verification code for me to log into the App Store to upgrade the OS (as Mavericks is pre-2FA).

There were no other options for verification and the only other device I own is an Android phone (not entirely unreasonable).

I can't see a way round this other than getting ahold of another Apple device to get the code. Am I missing something obvious?

[PuffinBlue]

I did this recently and basically there's a way of requesting adding another mobile number to the account as a recovery number.

You put in the application, wait about 4 days and then you'll get auto approved (I can't believe any human looked at this process) and you can then set that number as the recovery number.

It seemed to circumvent the whole MFA thing pretty easily but the penalty was time.

No idea what checks were performed in the background by Apple, I suspect none. It seems like the 4 day wait was just to make me feel the system would be secure if someone tried it to me.

[Shank]

You can use Command + Option + R to boot internet recovery instead of the on-disk recovery. That'll download and install the latest version of the operating system associated with your Mac.

On the 2fa front: if you only have one Apple device, you really can't leverage the Apple 2fa system, I think. It always requires a past Apple device of some kind to get the code.

[test1235]

ah .. I didn't know about internet recovery. Hopefully, I'll remember your tip if this happens to me again (I borrowed an iPad, in the end).

Unfortunately, it doesn't look like you can turn off 2FA once you've had it on for some time, so it feels like I'm being pushed into buying a second Apple device?