Activating Apple ID 2FA and adding separate dev accounts to an iOS device

The starting point

I registered my Apple ID before iCloud existed. It is the Apple ID I use for App Store purchases, Apple Music, and, because I registered as a developer before iOS existed, it is also my developer account.

So all my devices are setup with two Apple IDs: the one I just mentioned, let’s call it my primary Apple ID, and my iCloud account, which was registered back in the days of .Mac.

The primary account did not have 2FA turned on, but the iCloud account did.

Activating 2FA and adding separate developer accounts

Apple is now requiring Developer accounts have 2FA turned on as a security measure. So I needed to:

  1. Activate 2FA for my primary Apple ID (the one I don’t use for iCloud)
  2. Add a separate developer account to my primary device, so that I can get 2FA codes when needed.

Activating 2FA for my primary Apple ID

Just to recap, this is the Apple ID that I don’t use for iCloud.

I thought activating 2FA for this account would be just a matter of logging in to, and enabling it. It turns out, there was no way to enable it, and there was no way to add a phone number to the account (which I guess might be the ultimate reason why it was not possible to activate 2FA)

And when I say it was not possible, I mean there was a button to do so, that when clicked, showed a popup advising to activate 2FA from an iOS device, in Settings.

But again as this account is not an iCloud account, there is no way to do that from an iOS device. Dead end.

What I ended up doing was a second iOS device, log into iCloud on that second device using my primary Apple ID, add a trusted phone number, and finally activate 2FA.

First problem solved. My primary Apple ID is 2FA enabled now.

Adding separate developer accounts to my primary device.

This turned out a two step process that is perfectly described in these two posts: first, activating 2FA for the second account and then adding the second account to my primary device.

The first step is simple. To activate 2FA for the second developer account, I added a second user to my Mac, switched to that second user, logged into iCloud using my second developer account, added a phone number (to receive the validation codes), and activated 2FA.

After that, on my primary device, add the second developer account as an iCloud account, sign into it turning off all data (email, contacts, iCloud Drive) validating the log in with my Mac.

Good to go

Now I can receive 2FA codes for three developer accounts on my main device.

The process was not very intuitive, to say the least. Having one device with three iCloud accounts setup in it does not make me feel particularly safe, and I think I am going to try to setup a separate device, without any personal data, just for 2FA codes for my developer accounts.

TIL: protocols and lazy var

TIL this builds:

Swift never ceases to amaze me

WordCamp Taipei 2018

I am still on the long bus ride home from the airport, after an exhausting weekend in Taipei.

Earlier today I spoke at WordCamp Taipei. The experience has been draining, and at the same time extremely rewarding. So rewarding that I might actually consider doing it again 😊

Anyway, I would like to thank the organisers of the first ever WordCamp Taipei for the amazing work they have done. The event run smoothly, so smoothly that you can’t help but thinking “wow, these people have put lots of work and care into this”.

Stuff I’ve read between August 5th and 12th 2018

As a follow up to the “I’m out of Twitter” post, I am starting a weekly recap of what I’ve read.

Stuff from the internets

There’s a limit to the amount of knowledge a single person can cram into their head in a lifetime

When knowledge is the limiting factor

Sunshine, sensuality, and a dash of danger… the ‘warm south’ has fascinated writers and artists for hundreds of years. But why are the Brits so obsessed?

From EM Forster to Mamma Mia! Why we can’t resist the Mediterranean

… You have created all these classes and complexity to replace only one line of code, which is unlikely to be changed.

Dependency Injection smells

We’re not used to thinking about the tech industry in terms of labor […] But tech, like any industry, is composed of workers and owners. The labor of the former generates profits for the latter

Can Silicon Valley workers rein in big tech from within?

From vaccines to climate change to genocide, a new age of denialism is upon us

Denialism: what drives people to reject the truth


Greeks Bearing Gifts

The Male Factor

TIL: Swift 4 and protocol composition.

One of the things I like most about Swift is that almost every day I learn something new, more often than not, something new that makes me write more readable and cleaner code.

Today I realised that protocol composition, which I kind of knew could be used to compose a SuperClass and a Protocol, can help remove some downcasts at runtime, and substitute those downcasts by the compiler yelling at you when writing the code.

Let’s take this code. As usual, it is difficult for me to come up with a relevant example that illustrates what I want, but is also simple enough to be understood without too much context.

Notice how I have to check, at runtime, that the parameter I pass to deliverPresentation implements the Presentable protocol.

If we rewrite the Presenter to be like this, we can make the compiler enforce that whatever we pass to deliverPresentation as a parameter also implements Presentable, so we can avoid the downcast.

A real life example? From this:

To this:


Why code comments and documentation are better than being an arrogant jerk who keeps other developers out

For months, I have been playing around, in my head, with the idea of a post about documentation, and how it just should be one of the things that every software engineer does regularly.

I have written a few drafts, I have listed arguments both for and against writing documentation, I have debated and tried to debunk some of the usual arguments against it, and in the end, it all comes to the following:

Writing some documentation is better than being an arrogant jerk who keeps others out.


Building boundaries with third party libraries

The joys of jet lag. Here I am, at 2:43 am, trying to finalize a post that I started writing a couple days ago, while flying over the Pacific Ocean.

This is about dependencies, those third party libraries that often provide out of the box solutions to complex problems we need to solve.

Importing a third party library will save time and effort. Just add a line to a pod or Carthage file, and boom! We have saved days, weeks or months of development.

There are multiple benefits in relying on a third party library. Popular libraries are often well tested, and contain the knowledge of many developers about a given problem. Third party libraries save development time. Third party libraries avoid reinventing the wheel.

But third party libraries are code that you have not written, code that you don’t actually own, but that you somehow have to start maintaining as soon as you import it into your codebase.

Let’s take an example. Loading images, asynchronously, without blocking the main thread, in a table or collection view cell is a complex problem. We need to cancel image downloads when cells are not visible anymore, we might need to handle cell reusability, and ideally we should cache images. None of those problems are trivial to solve, and might require time and finesse to get right.

On he other hand, we could just import a third party library, like, for example, Kingfisher.

All we’d need to do would be adding a line to a pod / carthage file.


We have created a subtle problem here: our cell’s code depends on Kingfisher. We need to call a specific method in that library, passing a set of specific parameters, in the way that library expects.

That be not be a problem if we only have one cell. But things start getting dangerous as soon as we have more than one cell.

Let’s say there are 10 different cells that present images in our codebase. Kingfisher is so convenient that we will repeat the same code in the 10 of them.

What would happen if, for some reason, Kingfisher stops being maintained? Or a new version of Swift breaks source compatibility again, and this library does no get updated? Or a new library comes by, that is twice as efficient as Kingfisher.

Then we would have a bit of a problem. Our code is strongly coupled with the specific api of a very specific library, and updating our code to use a different library might require getting into shotgun surgery mode.

Shotgun surgery.

How do we switch? Well, we could just do a search and replace, or search all the calls to Kingfisher and update them to use the new, hottest library.

But that is not very efficient, obviously.

So how do we avoid the problem?

Building boundaries

The same way that we have tools and mechanism to decouple some parts of our code from some other parts of our code, we have tools and mechanisms to decouple or code from third party libraries.

And the best tool for decoupling things is, as usual, a layer of indirection.

In this case, we could add a layer of indirection by encapsulating the call to the third party library in an extension to UIImageView. This extension would be code under our control, and will contain a single point of dependency with the third party library.

Our cells will load images by calling a method that belongs in our side of the codebase, not in the library’s side of it.

Now if we want, for whatever reason, to switch to a third party library, all we have to do is modify the implementation of our extension. Import a different library, update the presentImage method to that third party library’s API, and we are good to go.

Final words

Introducing seams between our code and third party libraries decouples our code from external dependencies. That way, we are free to modify those dependencies without having a big impact in our codebase.


Kingfisher is a great library that solves a complex problem in an elegant way. I strongly recommend considering it.