If you use Apple’s two-factor authentication (2FA), you may have noticed that macOS and iOS sometimes show you a strange location when signing in using your Apple ID from a new device or browser. In my case, the location alert dialog always shows Wallingford, CT instead of Atlanta, GA.
So I did some research to find out why Apple sometimes shows an incorrect location. In this post, I will explain how geolocation databases and your IP address influence where Apple thinks you are located.
2FA for Apple ID
Two-factor authentication makes it harder for someone to gain unauthorized access to your Apple ID, even if that someone knows your Apple ID and password.
Two-factor authentication is an extra layer of security for your Apple ID designed to ensure that you’re the only person who can access your account, even if someone knows your password.Apple
So I recommend enabling two-factor authentication if you haven’t already done so. You can find more information about 2FA, on Apple’s support page.
2FA And Location Information
While 2FA is enabled and you try to sign in to a new device (such as a new Mac), or if you try to login to one of Apple’s web services from a new browser, Apple sends a location alert to all your trusted devices. The location alert dialog shows you where the sign-in attempt came from. More specifically, it mentions the closest city, and it shows a map of the area.
If you recognize the sign attempt and location, you can click on allow and receive a verification code that you can then use to authenticate the sign-in attempt. If you didn’t try to authenticate to any of Apple’s services, or if you don’t recognize the location, you can block the sign-in attempt.
As you can see, it is essential to be able to recognize the location. However, that is difficult, if the location information shown is incorrect.
I am located in the Atlanta area, but anytime I get a location alert from Apple, it shows my location as Wallingford, CT. The first time that happened, I was afraid someone was trying to hack into my Apple ID. So where does Apple get the incorrect information from?
IP Addresses And Geo-Location
Every device on the Internet has a so-called IP address. Some are private IPs that are only reachable within your local network. But some are public, especially the one your Internet Service Provider (ISP) assigns to your router or modem.
Without one, you couldn’t communicate with other devices. Each IP address is part of an IP range (a group of IPs), and that is usually associated with a geographic location. In other words, there are databases that store the relationship between IP ranges and their geographic location.
Many services and web pages rely on that information. For example, if you access your Netflix account from Europe, you may see a different selection of movies and TV Shows, compared to if you access it from the US.
Netflix knows where you are connecting from, based on your IP address. That’s why some folks, including me, use VPNs while traveling, so I can make Netflix think I am connecting from the US.
Apple uses the same technology to figure out where you are signing in from. While researching the issue, I came across an article on Macworld that did a poor job, in my opinion, of explaining the “strange location” phenomenon. None of their suggestions could explain why Apple thinks that my iMac is located in Wallingford, CT.
The Culprit Of The Strange Location Problem
What puzzled me was that according to whatsmyip.org, the geolocation of my IP is Atlanta, GA. So why would Apple show a different location? As it turned out, there are various geo-location databases, and each shows slightly different information. Separate databases map my IP address to the following locations:
- Richardson, TX (IP2Location)
- Atlanta, GA (EurekAPI)
- Wallingford, CT (DB-IP)
That explains why I see strange location information when signing in from a new device or browser. Evidently, Apple uses the DB-IP database, instead of EurekAPI to query IP geolocation information. Interestingly enough, Apple Maps knows my correct location as you can see in the screenshot below.
At least, I now know what’s going on and that sign-in attempts from Wallingford, CT are, indeed, mine.
Have you seen strange location information related to 2FA?