Apple's new 2FA requirement for developer Apple IDs [closed]

xcode apple-id two-factor-authentication

Solution 1:

The new 2FA requirement is not concerning a new 2FA system - it is the same 2FA system that Apple ID users have had available for a very long time now. You can find tons of guides and information about this on the net.

You seem to be asking many different questions all revolving around the same theme. Therefore I will give you a general answer, but if you want specifics about each sub question then ask it as its own question.

Yes, you can use 2FA without using iCloud Drive, without syncing with iCloud Photos, without using iCloud mail, etc. You need nothing more than the Apple ID you already have.

Yes, you do need a working phone number. It does not have to be SMS, as you can request a voice message instead.

No, you will not need to use this method regularly. It is intended only for when you have forgotten your password or want to do account recovery.

Yes, 2FA devices work perfectly well offline. You are not suddenly requires to be online all the time. If you want to interact with Apples servers for downloading provisioning profiles you’ll need to be online, but that has always been the case.

No, you’re not going to be generating and entering 2FA codes all the time. You do this once per “system” and a token is stored that means you won’t have to do it again on that system until you change your password or otherwise revoke the token. A system could be a browser, Xcode or whatever you use to talk with Apple’s systems.

No, you cannot use Yubikeys or similar. You can use Apple devices such as for example a phone with a Secure Enclave. It is the same principles as the Yubikey using TOTP with a secret stored in the Secure Enclave.

The 2FA request is not initiated when you connect to the internet. It is only when you specifically tries to access something on Apple’s system without having a pre-stored token. Yes, you can use 2FA even though you’re connecting over VPN.

No, it doesn’t matter if you have published apps or not. It is a generic requirements for members of the developer program. You’ll know if you’re affected because Apple send you a direct email about this.

Yes, you can use your developer 2FA on a “private” device without having to remove your private 2FA account from the device.

Related

MacMini 2018 is slow to wake after sleep
Safari randomly and periodically loses cookies
How to backup only the settings from a MacBook Pro
Can you find Airpod Case using Find my iPhone?
Why is my approved iOS app, distributed "privately as a custom app for business," not visible to my organization in Apple Business Manager?
SSH daemon listens on both IPv4 and IPv6, but I can connect only over v6
Batch read file name and change content creation date
How can an iPad in airplane mode detect iOS update?
Bash: Elegant ways to use multiple variables for shortening long strings?
How to enable file sharing for the new 'private' folders in Catalina?
How do I Eject USB Storage in iPadOS 13
Can I sell a PDF through the iBooks store?