Showing posts with label iCloud. Show all posts

Wednesday, January 17, 2024

Not receiving SMS two factor authentication codes for Facebook, Instagram, others: remove blocked numbers

A friend was not receiving Facebook SMS two factor authentication codes on his iPhone. I removed all his blocked numbers and he received the code. We assume he accidentally blocked the number Facebook uses to send SMS codes.

You can see blocked numbers in Settings:Phone:Blocked Contacts (it's actually a list of blocked numbers, not a list of blocked Contacts). If iCloud sync is working you see the same list in Messages on macOS.

Friday, April 28, 2023

iOS App Update hangs without an error message in infinite download: a general approach

Apple's FairPlay DRM management is notoriously fragile. It can be confused by family sharing, Screen Time controls, payment method changes, and, heaven forfend, mixed Apple IDs on a device.

Once Apple's DRM gets confused there's often no user accessible error message (PS. This is a bug [1]). The app just hangs. So when I realized my (manual) App Store updates were not completing I was not completely surprised. Recently I had:

  1. Changed payment methods. I made my Apple Card's award balance (1-2% transaction) the default payment method (so it always gets emptied)
  2. Enabled Screen Time account change restrictions to mitigate the harm of Apple's biggest current security issue.

I fixed the problem in the usual way (see Apple's article on this as well):

  1. [Switch to manual update if you've been using automatic]
  2. Verify Apple ID payment methods look correct
  3. Turn off Screen Time [Apple doesn't mention this.]
  4. Restart phone (power off/on)
  5. Download a new free app from App Store [An old method, still useful]
  6. Verify I can now update one of the pending apps.
  7. Update All
  8. Turn Screen Time back on.
  9. [Turn auto update back on if you like that.]
-- 
[1] Failure to generate a user notification of a failed interaction is, of course, a bug. Regardless of whether there's a bug in the interaction processing (which there is, so that's another one).

Saturday, April 22, 2023

iPhone Recovery Key attack vector kills your iCloud access: Workarounds pending an Apple fix including Apple ID protection

Someone who has your iPhone passcode can lock you out of your Apple iCloud and Apple ID services -- as well as take control of your iPhone and have access to all passwords stored in Apple's Password Manager (iCloud Keychain).

This can happen when someone steals your phone and obtains your passcode by the simple measure of threatening to kill you. Or they might see you enter your passcode or surreptitiously record entry. In bars drugs can be used to facilitate the process. This is often done as part of "borrowing a phone" for an "emergency call". (Never let anyone you don't trust with your life and wealth touch your phone. If it's an emergency make the call for them but ensure they don't record your passcode and don't let go of the phone.)

Once the thief has your phone and passcode they can change the victim's Apple ID password. This prevents the victim from locking the iPhone. The victim could still do the Apple ID password recovery process, so to get more time with the phone the thief can set a Recovery Key. If a Recovery Key exists they can change it. Setting a Recovery Key this way disables Apple ID password recovery. This gives the thief an unlimited time with the phone. It also locks the user out of all their Apple ID associated services and products including video, music, personal photos, personal documents, family sharing, other Apple devices, and the like. From the thief's perspective the Apple ID lock out is merely a side-effect. They may even feel a tiny qualm of sympathy for their victim. They do it to prevent iPhone lockout.

This is an Apple design problem. They need to fix it. Basically the iPhone passcode has far too much power -- especially since it has to be tapped in far too frequently and thus relatively easy to enter. Secondarily the benefits of the Recovery Key are limited to a few people and with this technique in common use the risks dwarf the benefits. Apple should disable creation of new Recovery Keys immediately while they come up with a better fix.

TidBITS has one of the best descriptions of the problem following a somewhat confused WSJ article. I suggest also reading TidBITS' preceding article on the problems with iCloud Keychain.

I was aware of most of these issues, but the Recovery Key hack is new to me. Again, if an attacker has control of your iPhone they can change your Apple ID password, locking you out of your photos, documents, Apple services, Apple media you've purchased, subscriptions, software, and more. At this point you can ordinarily reset your Apple ID password [1] through a tedious series of authentication steps or with the help of a previously specified Recovery Contact [2]. However, if you have set a Recovery Key you can't use these methods. You have to know the Recovery Key. If a thief sets or changes the Apple ID Recovery Key to prevent locking of the stolen iPhone you are truly screwed. Once you set the Recovery Key yourself Apple no longer stores it [3]; they can't recover your Apple ID even if they wanted to.

Apple has to fix several things here. It's insane that a six digit iPhone passcode allows access to all of the iCloud Keychain (Apple Password Manager) and setting up a Recovery Key. The power and risk of the Recovery Key is a separate problem and creation of new Recovery Keys should be disabled until there's a better fix.

In the meantime we've taken two steps on our iPhones:

  1. Emily and I set each other up as Recovery Contacts to facilitate doing an Apple ID password reset in the absence of an Apple Device.
  2. Follow the recommendation of TidBITS to use Apple's Screen Time feature to prevent Account Changes. This requires setting a separate 4 digit ScreenTime code (PIN). When you do this Apple seems to require entry of Apple ID credentials that can be used to reset the ScreenTime PIN, but if you tap "cancel" you can continue without this step. That means an attacker can't use the Apple ID credentials they've stolen to unlock the account settings; they can't change an Apple ID password and they can't set a Recovery Key. (I think this can trigger an Apple Bug with App Updates and mixed Apple ID - see this article.)

I have not yet deleted all of my iCloud Keychain entries. I will go through mine and delete a few key ones. Apple really and truly needs to secure iCloud Keychain with an optional separate credential [4].

I do NOT recommend setting a Recovery Key.  An attacker with your iPhone passcode can change it anyway, and you won't be able to use Apple's standard Apple ID password recovery method.

- fn -

[1] One time I tried to use login with Apple on a calendar service provider (Stanza). Apple evidently decided that was a bad idea and instantly locked my Apple ID. I had to follow the password recovering steps. If I'd set a Recovery Key and did not know the Key I'd have lost access to my Apple ID content (photos, etc) for all time.

[2] Set up a recovery contact NOW.

[3] I presume that when you do a standard password reset, or a Recovery Contact does a password reset for you, that behind the scenes Apple is using the Recovery Key they keep.

Monday, February 27, 2023

Managing sync issues in the Apple Notes app - what I do

I use Apple's Notes app fairly often. It's come a long way from early days but it has its share of bugs. The two I run into most often are formatting bugs and especially sync failures.

Formatting bugs seem to be related to frequent edits to a note using Notes app styles and character formats. Sometimes editing stops working in odd ways. I have to create a new Note and select all/paste into the new Note.

Sync bugs are more common and more serious. There are two kinds of sync bugs - global application sync failure and note specific failure.

Global sync means no notes are synchronizing and perhaps no iCloud content. I've seen that with iCloud password changes. I recommend never changing an iCloud password, Apple really doesn't want it to change. I had to recently because trying to use the Stanza calendar on the Saint Paul Saints web site with Apple integration triggered an instant Apple account lockout and mandated password reset (be afraid).

If iCloud sync doesn't work after a password change and iCloud seems to be properly authenticated first try restarting your iPhone or Mac. Then, on an iPhone, try sending an iCloud email. That last may require you to YET AGAIN enter your iCloud password. With luck the credential problem may resolve for all iCloud functions.

Single note sync failure may be something I see because I'm using Notes across the latest version of iOS and Mojave. I suspect it's actually fairly common even on Monterey/iOS though.

If it's just one note that won't sync between two devices you can check out Apple's web client view of Notes. That will tell you which device is off but it doesn't help with the fix. As far as I can tell there's no sync failure resolution built into Apple Notes. If Apple's sluggish iCloud sync means you have edited one note on two devices when they weren't in full sync then that particular note will no longer sync. No error messages, no offer to sort things out, no creation of two versions, it just quietly sits in isolation.

The workaround is to create a new note and confirm that syncs. Then on each separate device move the content from the now isolated notes into the new syncing note. Then delete the notes that didn't sync on each device.

Synchronization is a problem some seem to have solved (Simplenote for example), but Apple is not among this elite group.

Sunday, February 05, 2023

Family member not getting iCloud+ family subscription for 2TB storage - "Use Family Storage" in Settings (Family Sharing)

A family member was seeing only the default 5GB of storage. I prepared to do the usual fixes like restart phone, upgrade iOS, leave and restore iCloud and, finally, remove from family and add back in.

Turned out the fix was much simpler as of iOS 16.3.

Settings:Apple ID: iCloud: Manage Account Storage: Use Family Storage.

After I selected this option they got access to our 2TB and the "Use Family Storage" option went away. Instead they had "Change Storage Plan". Tapping that gave the option to leave Family Storage.

Apple's docs mention something about an iMessage going to family members to give them the option to use Family Storage. I suspect that didn't get attention.

Once I'd fixed the problem I used the new keywords to search for Apple documentation. Google found nothing (though it's really bad now) on the Apple site except a post from 2 days ago. So this might be newish.

Update 1/17/2024 

In the 2024 version of iOS and macOS (Sonoma) a friend ran into a similar issue. The family organizer had purchased the 2TB plan but my friend was only seeing the 200GB he paid $1 a month for. This time we found an Apple support document on the problem. If someone is paying for anything beyond the default free storage they have to manually switch into the family plan and end their subscription. This is now found on an iPhone in the newish Settings:Family:Subscriptions.

  1. Go to Settings > Family.
  2. Tap Subscriptions.
  3. Tap iCloud+.
  4. Tap Use Family Storage.

Also, when updating this, I discovered a 2017 post I'd done where I ran into a similar problem. That might be worth a look too.

Friday, October 14, 2022

Apple Music subscriptions stop working when I changed my Media & Purchases Apple ID

Apple digital rights management (DRM, FairPlay in this case) is very complex, particularly when one adds Family Sharing or has an atypical Apple ID setup.

In our case, for reasons that made sense 10-15y ago, my iCloud Apple ID is different from my Media & Purchases Apple ID. My iCloud Apple ID is the family organizer and my Media Apple ID is a family member.

Over the past few years I've been trying to migrate to using a single Apple ID on my phone. I have migrated all but one family member.

Migration has been difficult. I don't think Apple has published a transition guide. You can't, of course, transfer purchases or media or subscriptions. There's a risk of losing a lot of purchases and Apple is unlikely to help.

I looked at doing a test migration on a macOS Monterey account of mine but it seemed Monterey did not allow a user to change only their Media Apple ID. [Later I found you can. In Monterey, unlike iOS, it's obscure how you do this; it doesn't show up in an Apple ID. You change the Media Apple ID through the App Store (Sign Out, Sign In).]

Since it seemed I couldn't test on Monterey without trying a full Apple ID transition I made the changes on my iPhone. Let's say my iCloud Apple ID was "Sam" and my Media Apple ID was "Linda". So my device Apple ID configuration was Sam/Linda. After the change it was Sam/Sam. Sam is the Family Organizer, Linda is a family member. Linda owns our app and media purchases -- at least that's where they show up when I look.

I was particularly curious how Apple Music would work including test playlist sharing. Unfortunately I couldn't test the playlist sharing because Apple Music didn't work at all! As far as iOS was concerned I didn't have an Apple Music subscription. It offered to give me 6 months free. I also didn't have any Playlists or other configuration. Music (iTunes) configuration is tied to the Media Apple ID, not the iCloud Apple ID.

To recap, Sam is family organizer and Sam/Linda purchased the family plan Apple Music subscription. Linda shows up in Family Sharing as a family member. Once I became Sam/Sam I had no access to Apple Music. Reviewing Family Sharing it appeared that Sam should have access to Linda's Apple Music subscription. That doesn't work.


... Make sure that you're using the same Apple ID for Family Sharing and Media & Purchases... 

They don't say how to migrate to that idea of course! Obviously it was possible to use a different Apple ID for Family Sharing and Media (Apple Music worked before). I don't know if the changes made to my device impacted any other family members (wish I'd checked!), but it appears for a Family Organizer device to see Apple Music they have to use the same Apple ID used at time of purchase.

Somewhat surprisingly Apple let me revert back to Sam/Linda on my iPhone. (I think there was some time limit/change limit on Apple ID media changes.) After a period of sync I had my old playlist and Apple Music access.

My guess is that to make the change to Sam/Sam and keep Apple Music I'll have to end my current subscription (tied to Linda) then change the Media Apple ID then resubscribe for the family. (In practice I'll end all subscriptions for Linda before the change.)

Sunday, May 15, 2022

iMessage not synchronizing - your store ID matters too

Based on some issues I've seen with my daughter's devices I think that Apple Message sync will only work when both Apple ID for "iCloud" and Apple ID for "Media & Purchases" agree on both devices.

There's a dependency on "Media & Purchases" Apple ID for Apple Messages, perhaps because it's descended from the Apple messaging apps that predate iCloud.

How to leave Google Apps / G Suite / Google Workspace

UPDATE: As of early May 2022 Google has relented and will allow continued personal use of legacy G Suite domains. You need to login to your domain and then use this URL. (The option is described, a bit obscurely, in a support page).

<background>
It's hard to remember now, but there was a time that geeks had some affection for both Google and Apple (but, TBH, never Microsoft). Those were the glory days my friend.

This year's bitter resentment is brought to you by Google ending free Google Apps services. Back in the glory days Dreamhost bundled these with domains, I picked up 7-9 of them. Two of these Google App domains have been heavily used by my family. They are the core of a wide range of daily things we do, including email addresses associated with numerous logins, credentials, passwords, and so on. (But not with Google OAUTH identity services, that is not supported for Google Apps email addresses.)

A few months ago, in early 2022, Google told us that these services, once as permanent as gmail (*cough*, they're coming for you), would become quite expensive. For us the costs to maintain our current setup would be hundreds to thousands of dollars a year. Shortly after this announcement we were told that there *might* be a reprieve, that non-business services would continue. This false-hope was never officially withdrawn, but in May 2022 it has been replaced by a bizarre offer to maybe continue but, like, without email or domain?

Google's very limited online guidance does not review how to exit Google Suite. In email communications they mention a 'suspended state' but do not describe what that means.

So now I have to spend several lovely days in May sitting at my computer trying to salvage our digital identities. We will clearly have to pay for at least one of our domains - principles be damned. Charges begin Aug 1, 2022. </background>

The following is a rough guide to what I will do. Much of this requires knowledge from decades ago that I'm having to refresh.

Considerations and discoveries

  1. It's difficult to move IMAP emails between services. IMAP emails can be copied to a local store. In Mail.app I've had success dragging and dropping emails from one IMAP inbox to another, but I believe this is fragile and unreliable. You can also copy, see this iCloud example.
  2. Local store email is barely supported any more. Mail.app, for example, 
  3. My domains are managed by Dreamhost which does provide some classic web services though fewer than it once did.
  4. Domain based email forwarding is fragile -- many services including google will reject it. See DKIM notes below.
  5. Modern email is both essential and a river of spam and Google has good spam filtering (though it was better once)
  6. The knowledge of how to manage DNS settings is more esoteric now than it once was, and Google Search no longer works.
  7. My Dreamhost DNS and mail forwarding has lots of old detritus. That's on me!

References related to closing Google Workspace accounts

  1. Microsoft on switching to Office 365 - cancel subscription
  2. Fastmail also has switching options, but price not much less than Google Workspace
  3. Google has not provided any migration guidance.
  4. You close your account by canceling the subscription: https://admin.google.com/ac/billing/subscriptions/ then deleting the account (see below).

References for migrating to Dreamhost email services

  1. Dreamhost email client configuration
  2. The Dreamhost custom MX config panel has 'uses Gmail' management links that take you to Google admin (so not terribly useful but at least can tell what to change).
  3. Dreamhost used to support both a mailbox and a forwarding action but you can't do that any more (still works for old settings). Dreamhost uses Roundcube Webmail but has not enabled forwarding in that app. You can use forwarding directly from a domain but I think Google treats emails forwarded this way as spam. (At one time we were supposed to have had quite large storage caps with Dreamhost, but I think email overwhelmed them. Similar to the days our Gmail storage was to be unlimited.)
  4. A comment on this post mentioned imap sync for moving email: "For transferring IMAP email, imapsync works well. There's a free version you can download and run on your computer (or on your hosting provider if you have ssh access). It's well documented and relatively easy to get your head around, and is fast and reliable. I’ve not got any affiliation, but someone pointed me to it a couple of years ago, and I’ve since used imapsync to migrate email hosts for a small organisation. Highly recommended."

References for migrating to Apple iCloud+ email

Apple supports custom domains with iCloud+ email including family sharing.
  1. You can assign up to 5 domains to a family group and for each domain each member can have up to 3 email addresses.
  2. Apple will instruct on how to do DNS settings (there's a bug in the quotes apparently) - there's also a tech note on DNS settings.
  3. Useful twitter stream on migration to iCloud
  4. Detailed twitter thread on migration - Google takeout mbox, import into Mail, then drag from local to iCloud.

My steps to closing an essentially unused account where I didn't worry about forwarding

  1. Go to Google admin console for account.
  2. Review how many users exist. (typically one)
  3. For that user review email to see if there's anything important, sites, docs, etc. Don't forget Google Voice!
  4. From Google Admin account cancel your subscription. Now pay close attention so you don't miss the next step - delete your account (https://admin.google.com/ac/companyprofile/accountmanagement)

When you choose to delete account you see:

Now return to Dreamhost

  1. Go to DNS for domain and delete the Google CNAME records
  2. Go to Custom MX controls and choose "make me regular email". It may take hours for this to work.
  3. At this point Dreamhost enables webmail. But I wonder if this actually blocks email forwarding even if you set that up! (The lack of warning doesn't give me a happy feeling about Dreamhost TBH.) So disable webmail. (Dreamhost also has a control panel for email forwarding that I think is a disabled feature.) - NEED TO TEST MORE HERE
  4. Go to Manage Email and set up a forwarding account as needed. This can take a while. Apple picked up the DNS changes within about 15-30 minutes, but Google took 1-2h. (I wonder if DNS propagation in general works as well as it once did.)
  5. Enable DKIM if not already enabled.
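
One way to check the end state of the steps above, as an added example that is not part of the original post: it reads DNS answers in the layout printed by `dig +noall +answer` and reports Google MX or CNAME records that are still present and a missing or revoked DKIM key. The domain `example.org`, the `mailhost.example` MX names, the `sel1` selector and the key value are constructed placeholders, not Dreamhost's real values.

```python
"""Audit a DNS snapshot after moving a domain's mail off Google Workspace."""
import re

# Constructed samples in `dig +noall +answer` layout (placeholders throughout).
SNAPSHOT_BEFORE = """\
example.org.            300 IN MX    1 aspmx.l.google.com.
example.org.            300 IN MX    5 alt1.aspmx.l.google.com.
mail.example.org.       300 IN CNAME ghs.googlehosted.com.
calendar.example.org.   300 IN CNAME ghs.googlehosted.com.
www.example.org.        300 IN A     192.0.2.10
"""

SNAPSHOT_AFTER = """\
example.org.            300 IN MX    0 mx1.mailhost.example.
example.org.            300 IN MX    0 mx2.mailhost.example.
www.example.org.        300 IN A     192.0.2.10
sel1._domainkey.example.org. 300 IN TXT "v=DKIM1; k=rsa; p=Q09OU1RSVUNURUQ="
"""

# Hostnames Google uses for hosted mail and for mapped service subdomains.
GOOGLE_MX_SUFFIXES = (".google.com", ".googlemail.com")
GOOGLE_CNAME_TARGETS = {"ghs.googlehosted.com", "ghs.google.com"}


def parse_snapshot(text):
    """Return (name, type, rdata) tuples; names lowercased, no trailing dot."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # skip blanks and dig comment lines
        parts = line.split(None, 4)
        if len(parts) < 5 or parts[2].upper() != "IN":
            continue
        name, _ttl, _cls, rtype, rdata = parts
        records.append((name.rstrip(".").lower(), rtype.upper(), rdata.strip()))
    return records


def dkim_tags(rdata):
    """Join the quoted TXT chunks and split the DKIM tag=value list."""
    value = "".join(re.findall(r'"([^"]*)"', rdata)) or rdata
    tags = {}
    for item in value.split(";"):
        if "=" in item:
            key, val = item.split("=", 1)  # keep '=' padding inside p=
            tags[key.strip()] = val.strip()
    return tags


def audit(text, domain):
    """Return a list of (kind, name, detail) findings for the domain."""
    domain = domain.rstrip(".").lower()
    records = parse_snapshot(text)
    findings, mx_hosts, dkim_seen = [], [], False
    for name, rtype, rdata in records:
        in_zone = name == domain or name.endswith("." + domain)
        if rtype == "MX" and name == domain:
            host = rdata.split()[-1].rstrip(".").lower()
            mx_hosts.append(host)
            if host.endswith(GOOGLE_MX_SUFFIXES):
                findings.append(("google-mx", name, host))
        elif rtype == "CNAME" and in_zone:
            target = rdata.rstrip(".").lower()
            if target in GOOGLE_CNAME_TARGETS:
                findings.append(("google-cname", name, target))
    if not mx_hosts:
        findings.append(("no-mx", domain, ""))  # mail has nowhere to go
    for name, rtype, rdata in records:
        if rtype == "TXT" and name.endswith("._domainkey." + domain):
            dkim_seen = True
            tags = dkim_tags(rdata)
            # An empty p= tag means the key has been revoked.
            if tags.get("v", "DKIM1") != "DKIM1" or not tags.get("p"):
                findings.append(("dkim-unusable", name, ""))
    if not dkim_seen:
        findings.append(("no-dkim", domain, ""))
    return findings


if __name__ == "__main__":
    for label, snap in (("before", SNAPSHOT_BEFORE), ("after", SNAPSHOT_AFTER)):
        print(label, audit(snap, "example.org") or "clean")
```

To use it on a real domain, paste the combined output of `dig +noall +answer` for the MX, CNAME and DKIM selector names into a string and pass it to `audit()`.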

Tuesday, April 12, 2022

Universal Clipboard (Handoff, Continuity) not working - Mojave and Monterey, regenerating the authentication token/password

Recently I've had two issues:

  1. Mojave Universal Clipboard stopped working between Mojave and iOS 15.4.1
  2. Mojave notes iCloud synced but always showed a spinning activity icon

I found that I could make Universal Clipboard work again by creating or editing a note on my iPhone or on Mojave. Once that synced then UC worked until I rebooted.

If Universal Clipboard isn't working first reboot your devices and confirm connection to WiFi with Bluetooth enabled. Then try toggling Handoff off/on on both devices. Then try:
  1. Changing my Mojave location DNS settings from Cloudflare (1.1.1.1) to Google (8.8.8.8). (Based on this post)
  2. Toggling Notes iCloud off then on again (restores notes)

Now the spinning is gone, and UC seems to be working.

Update 5/15/2022: UC is back to not working unless I create a note that's synced between iOS and Mojave. Notes doesn't show the spinning activity icon. So this is an open problem.

Update 8/30/2023

Continuity has worked since May 2022 on my Mojave machine, but I'm now switching to a 2023 M2 Air running Monterey. And, of course, the Universal Clipboard didn't work again.

A few hours later my devices notified me that iCloud services would not be available until I reauthenticated. That tedious and annoying process requires entering the iCloud and device passwords; I think it creates a new token/password behind the scenes. After going through this continuity worked again. Signing in and out of iCloud is a common workaround for Continuity issues, I suspect it speeds up regeneration of the new token/password.

It would be nice if Apple improved this process.

PS. Typical things to check when it doesn't work: bluetooth on, devices on same WiFi, etc.

Sunday, March 13, 2022

When iCloud Keychain stops working (No more Safari passwords) - Mojave

I'm buying tickets for an event and suddenly there's no password autocomplete in Mojave Safari. Safari Preferences Passwords shows 3-4 entries, but my Apple passwords show on my iOS devices and my Monterey Air. It's just Mojave that has lost all its iCloud/keychain access.

A good reminder that if you want to use Apple Passwords as a 1Password replacement you need to export a static backup (and this must be automated). The Cloud is where data goes to die.

I found a relevant 2016 Apple Discussion post which would be Mojave era. So I wonder if it's a Mojave bug. The fix there was from "Linc Davis" a "Level 10" with 209K points [1]

Please take these steps to resynchronize the iCloud keychain. Your keychain on iCloud and your other Apple devices won't be affected. Take Step 2 only if Step 1 doesn't solve the problem.
Step 1
Back up all data.
Open the iCloud pane in System Preferences and uncheck the Keychain box. You'll be prompted to delete the local iCloud keychain. Confirm—the data will remain on the servers. Then re-check the box. Follow one of the procedures described in this support article to set up iCloud Keychain on an additional device. Test.
Step 2
If you still have problems, uncheck the Keychain box again and continue.
Triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination  command-C: 
~/Library/Keychains
In the Finder, select
          Go ▹ Go to Folder...
from the menu bar and paste into the box that opens by pressing command-V. You may not see what you pasted because a line break is included. Press return.
A folder named "Keychains" should open. Inside it is a subfolder with a long name similar to (but not the same as) this:
           421DE5CA-D745-3AC1-91B0-CE5FC0ABA128
The above is only an example; yours will have a different name of the same general form. Drag the subfolder (not the Keychains folder) to the Trash.
Restart the computer, empty the Trash, and re-enable iCloud Keychain.

Toggling Keychain off and on didn't seem to do anything so I figured I'd check in the morning. Before I checked though I did review my passwords in Monterey. For *reasons* (this happens way too often) I had to reenter my iCloud credentials there but I was also asked the usual iCloud keychain questions -- provide passcodes for my other machines.

Then I looked at my Mojave machine and Safari had my passwords again.

Maybe the fix was toggling Keychain and waiting a bit, but I'm suspicious that something happened somewhere in iCloud that required me to do the iCloud Keychain authentication dance from a Mac -- and Mojave couldn't do it.

Again, if you use Apple Passwords as your sole repository you need a non-iCloud backup.

- fn -

[1] No profile info, has participated in 97K threads. Either insane or an Apple staff pseudonym.


Sunday, March 06, 2022

What happens when you have an Apple ID without an email address and you change it? (And much more about Apple ID hell.)

I'll provide some back story below, but it's tedious and a bit ranty so I'll put the most useful stuff up front.

For *reasons* (see below) I have had an Apple ID associated with iTunes, App Store, physical Apple Store, hardware and other purchases for about 20 years. For other *reasons* almost lost to memory the username has not been a valid email address for most of those years. Until recently it had an associated email address it would forward to but Apple changed things sometime in the past two years and that stopped working.

I'm simplifying.

We will call this Apple ID username "bob@mac.com". I will use alice@icloud.com and dan@me.com for my new Store Apple ID ("Media & Purchases") and my longstanding iCloud Apple ID respectively.

Once bob@mac.com stopped forwarding I no longer received notifications related to Apple Discussions or emails related to charges. Since bob@mac.com was the store Apple ID for my family (this was the practice in early iTunes days) our children (now adult) used it for purchases. Simplifying a lot and omitting family details the lack of email meant no monthly statements -- so I didn't spot a scam subscription - among other things.

I knew I had to fix this but I dreaded the side-effects. I'd already tried undoing the shared store Apple ID and ran into disaster; I had to reverse that attempt. I had to fix the Apple ID invalid email problem first.

Before Apple broke forwarding for the Apple ID "bob@mac.com" I had used "alice@icloud.com" as a forwarding address. Although there was no clue in the Apple ID online configuration tool, I knew alice@icloud.com was still entangled with bob@mac.com (see below, this post goes on for a long time but still omits much).

Ok, so far? It gets a bit simpler then you can skip the back story.

Anyhow ... when Apple broke forwarding they seem to have introduced the ability to change an Apple ID userid - such as bob@mac.com. I believe, though I can't find any documentation, that the visible username with the form of an email address (ex: bob@mac.com) is an alias for an unchanging hidden identifier (maybe a GUID). 

After some thought I decided the cleanest approach would be to change my Store Apple ID visible username from bob@mac.com to alice@icloud.com (I knew the two were entangled, see below). It's easy to make this change from appleid.apple.com. When I did this I was not asked to confirm that alice@icloud.com was a valid email address I owned. All I got was an email sent to alice@icloud.com saying the change had been made.

After I made the change I found the following. I expect other changes as Apple's different systems synchronize and update (I will update this as I learn more, I expect to learn of problems from family members later today):

  1. I cannot login to the Apple ID or anywhere using bob@mac.com but the two factor notification dialog still says bob@mac.com (this may change).
  2. I think I may have more control over Apple ID two-factor, I can add/remove trusted devices, remove from account, and I can add a second trusted phone number. I still can't add a backup email address; that is available on some other Apple IDs I have.
  3. Apple Discussions is intact. When I login with alice@icloud.com I show as "member since June 23, 2003".
  4. Mail sent to bob@mac.com still fails, there's no redirect.
  5. iTunes on Mojave: asks me to sign in and displays new alice@icloud.com. Says session expired, asks again. Purchase history intact.
  6. Media & Purchases on iPhone showed new iCloud address and I had no trouble with updating apps.

In addition, Messages in my personal dan@me.com iCloud stopped working! It turns out "Messages" has legacy associations with the old Apple Store ID used with iMessage before Apple implemented iCloud. I got this error message

Messages in iCloud not available as iCloud and iMessage accounts do not match. (Messages in iCloud is not available because iCloud and iMessage accounts are different.)

There's a fix here but it's not the one I needed. When I looked at Messages on my iPhone it showed only my Phone number, the Apple IDs were all absent. When I tried to enter an Apple ID it showed my store Apple ID; I chose "use other Apple ID" and entered my personal iCloud Apple ID. That worked and it immediately restored all my send/receive message list. I could then reenable messages in iCloud.

It didn't fully work on Mojave iMessages though. I reenabled using iCloud Messages in preferences there and about an hour or two later it seemed to start working (though uploading messages to iCloud is still ongoing.)

That concludes the current record of changes to date. So far it has been less of a problem than anticipated, but it's early days. I will add other issues as they emerge. Then I can return to the herculean tasks of moving family members off of a shared Media & Purchases account.

Below are details for the benefit of someone searching who finds this post. They are related older items that I will summarize in outline.

----------- additional details ---------------

As noted above years ago I had alice@icloud.com as forwarding email for the Apple ID bob@mac.com. The address bob@mac.com had no associated email because of complex changes Apple made in migrating from free iTools to not-free .Mac to MobileMe. [1][2]

When I finally realized I wasn't getting Apple media purchase statements for bob@mac.com I began investigating what had happened to the old alice@icloud.com iCloud account. I found it was deactivated. I was able to reenable it. That's when things got weird. Remember (if you read above) that there was no longer anything in the Apple ID settings for bob@mac.com that showed alice@icloud.com.

Once I reenabled alice@icloud.com with a new password I found that:

  • Both alice@icloud.com and bob@mac.com worked as usernames for the same bob@mac.com Apple ID.
  • The password for the bob@mac.com Apple ID had changed to match the alice@icloud.com password. [This actually took a day to propagate to iTunes purchases]
  • Both alice@icloud.com and bob@mac.com showed the same iCloud services (mail, etc).
  • bob@mac.com was still not a valid email address. 
fn -

[1] https://en.wikipedia.org/wiki/MobileMe#.Mac

Originally launched on January 5, 2000, as iTools, a free collection of Internet-based services for Mac OS 9 users, Apple relaunched it as .Mac on July 17, 2002, when it became a paid subscription service primarily designed for Mac OS X users. Apple relaunched the service again as MobileMe on July 9, 2008, now targeting Mac OS X, Microsoft Windows, iPhone, and iPod Touch users.

On February 24, 2011, Apple discontinued offering MobileMe at its retail stores, and later from resellers.[2] New subscriptions were also stopped. On October 12, 2011, Apple launched iCloud to replace MobileMe for new users, with current users having access until June 30, 2012, when the service was to cease.

... The original collection of Internet software and services now known as iCloud was first called iTools, released on January 5, 2000, and made available free of charge for Mac users.

Services offered by iTools included the first availability of @mac.com email addresses, which could only be accessed through an email client (e.g. the Mail app); iCards, a free greeting card service; iReview, a collection of reviews of popular web sites; HomePage, a free web page publishing service; the first version of iDisk, an online data storage system; and KidSafe, a directory of family-friendly web sites.

.Mac
As costs rose, most particularly due to iDisk storage space, the wide demand for @mac.com email accounts, and increasing support needs, iTools was renamed .Mac on July 17, 2002, as a subscription-based suite of services with a dedicated technical support team.[25]

... Existing iTools accounts were transitioned to .Mac accounts during a free trial period that ended on September 30, 2002. This move generated a mixed reaction among Mac users, some believing .Mac was overpriced...

[2] eWorld https://en.wikipedia.org/wiki/EWorld

. Yesterday the password for App Store was different from password for Apple ID but today they seem to be same. I think they are two different systems that update every few hours...

 · Feb 19

Today it appears there is a single Apple ID with two usernames and one password. One username has iCloud services but is nowhere displayed in Apple ID information. twitter.com/jgordonshare/s…

... If you change a phone's Store ID to match the phone's iCloud ID  you cannot update all their apps with their iCloud ID password. You need to use the old Store ID password. Even when family sharing is in play...

... I have a hunch that Apple has an internal ID for users separate from the username (email form) displayed with their Apple IDs and Store IDs and iCloud IDs and that is what they use in FairPlay. 

Wednesday, December 15, 2021

Family sharing screen time bug: a fix for ghost apps

I'm happy to say I actually fixed a bug in the buggiest Apple product ever - family sharing screen time.

The "always allowed" app list showed "ghost apps" -- left over apps from old versions of iOS like Find Friend. They appeared with a generic icon.

Removing my son from the family then adding him back in removed the ghost apps.

One bug down, dozens remain.

Update: Nope, the fix was transitory. Ghost apps back again. Screen Time is such a cluster.

Update: Ok, this might be the real fix. His Apple ID had 3 associated devices -- an iPad, an iPhone and a macOS user account on an old machine running maybe Sierra. I removed the obsolete macOS relationship from his Apple ID on the web site, but it had to be removed again on his iPad.

Sunday, July 25, 2021

Getting photos from iPhone (iCloud) Photos.app to Lightroom, Aperture and other non-Photos products

(Original 1/31/2021, updated 7/25/2021)

Apple's approach to photography is to keep everything in iCloud and to view or edit the images from a macOS or iOS device running Photos.app (there's also some limited web browser access). There's some limited ability to share albums between family members and other groups, but this has been a mess for years and I'm not sure what parts of it are available in which versions of macOS.

This approach doesn't work very well if you want to manage your photo Library outside of Photos.app. How do you keep track of what you've reviewed and exported within Photos.app? Photos.app no longer tracks what's on the iPhone vs. what's in iCloud; there's no easy way to know what's not been imported if you don't delete all iCloud images.

This is what I do now:

In Mojave Photos.app create smart folder for all photos that lack keyword of “Exported”

In Photos.app on iOS or macOS

1. Clean up bursts

In Photos.app on macOS (Mojave for me)

1. Start Photos.app from my macOS account

2. First pass cleanup in Photos

3. Select all images in Unexported and export as original (I export IPTC as XMP but not sure that’s useful)

4. Assign all images keyword of Exported

In Finder

1. Remove all the small .mov files that come with Apple’s live images.

Now Import into Aperture. Every so often I purge what's in iCloud, the real home is Aperture and its many backups.

Sunday, July 11, 2021

Unable to update date of birth associated with an Apple ID: "... could not be changed because of a server error"

You can't change the date of birth or family relationship of an Apple ID with a calculated age of less than 13 years old. Otherwise it's supposed to be possible to change the date of birth associated with an Apple ID. I've done it before (for good reasons).

Recently I decided to get #2 child an Apple credit card. Since banks take birth dates seriously I decided I needed to correct his before applying. It didn't work!

This is what his birthday looks like on his Apple ID web page (same as in his iOS devices):

When I edit it to 4/2/1999 I get this message as expected:

The next step is an email sent to the me.com (we're old customers, pre-icloud) associated with my Apple ID:
Can you see what's weird in this email? It says the change will convert his account to a child account. But the current date makes him 17, the correction makes him 22. The email should say it's being converted to an adult account.

When I click on "approve request" I get:

Cannot change date of birth.
The date of birth for ___ could not be changed because of a server error. Try again.

I started an Apple Chat Support ticket on this a week ago. After the usual back and forth I was escalated twice and ended up with a senior advisor (not sure of his title).  After a bit of work and repetition I was told a ticket had been sent to engineering to fix the birth date and I'd hear back the next day.

It's been a week. I've not heard back. I'll try a chat again tomorrow. Fortunately I have my original ticket number.

I suspect his account entry is somehow corrupted and possibly mixed with another account. Otherwise I wonder if this is a side-effect of Apple introducing family credit cards; maybe once I got an Apple credit card all the family birth dates were locked as a side-effect.


This is going to be a painful slog with no certainty of success.

UPDATE 7/13/2021: After hearing nothing back I called again and was again escalated from chat support to phone support to "senior advisor". Senior advisor said engineering had responded and said it was not actually possible to change date of birth on a child account. I believe that is wrong, it contradicts Apple's documentation saying it should be possible to change for over 13. I have asked that it be reescalated and attach the tech support ref: HT204164.

I reserved a time to call back in 3 days and was told I'd get a link to enable a direct call to a senior advisor.


Update 7/24/2021: Support didn't call back on the date they'd promised. There's still a server error. As noted above Support seemed unaware of the contents of HT204164. 

I'm going to have to give up on fixing this for now. I'll try again in a few months, maybe by then Apple will know how to fix the problem. I suspect it's something in their database design that will require serious work to fix. I also suspect their support team is dealing with post-COVID stress syndrome.

Update 1/1/2023: Today I was able to change his birth date without issues. Based on the original birth date he would be 19yo now, so an adult.

Sunday, September 27, 2020

iCloud backup and my lost authenticator codes

When my local Apple store tech was unable to remove the battery from my iPhone 8 they gave me a new device -- which was SIM locked to AT&T.

Well, everyone has to start somewhere, including Apple techs. Hope they improve soon.

Anyway, between the initial restore and the factory reset to clear the SIM lock I've been through two iCloud restores in the past week.

iCloud restores kind of suck now. I think they worked better a few years ago. The good news is that my photos were restored (I don't use Apple Photos/iCloud so I needed that backup). The bad news is that so many apps needed credentials reentered or new certificates generated -- especially when doing a restore after a hardware change.

The worst news is that Google Authenticator lost my authenticator codes. As near as I can tell they are restored from iCloud if the hardware is unchanged, but not if the hardware changes. Or maybe it's a bug. Whatever the reason, I lost 'em. 

It was suspiciously easy to regenerate Authenticator codes for my Microsoft account. Not too hard for Google either, because  they've moved to preferring an Apple-like proprietary two factor authentication mechanism. It is a bummer for Dreamhost though -- so now I'm going through support to try to recover access to my domains and web content.

It's hard to reconcile security and backup/restore. For example, Google Wallet and your biometrics (finger/face) aren't backed up either. On the other hand your Keychain credentials are in iCloud, and anyone who can get into your iPhone can read all of your passwords (try: "Hey Siri, Show me my passwords" or see Apple's hidden password manager). So your 4 digit Apple device passcode is not a great idea.

PS. I'm storing Authenticator codes in 1Password now. Which, like most small company software, has its own security concerns, not least that it would be relatively easy for China, say, to acquire the company or insert a backdoor into the source code.

Saturday, January 04, 2020

Apple's Family: The many surprises of creating an Apple ID with age 13 or under

(You can skip the rant to get to the tech details)

<rant>I frequently berate Apple for the radioactive-feces-infested-dumpster-fire that they’ve built out of Family Sharing and Parental Controls / Screen Time / Restrictions [1] … but my latest experience has added a note of sympathy for the engineers who offend Tim Cook and are HR assigned to work on this prior to leaving Apple.

Apple has built something insanely complicated. The intersection of user interfaces, regional rules and restrictions, content licensing, DRM, functional requirements, iOS, macOS, iCloud, sync, multiple OS versions … heck, there are probably time zones in there too. At this point they might as well give up and throw a neural network at it.

Whatever your day job, be grateful this isn’t what you work on.

Things are almost as bad on the consumer side. There’s a reason I seem to be the only person alive trying to make remote Screen Time work. (It’s a book project, I don’t have a choice.) With some effort I’ve come up with practical recommendations for caregivers (example) — but they assume the software actually functions. In practice I have run into a wide range of bugs and weirdness, particularly since iOS 13 was released.</rant>

Among the many complications Apple contends with are rules about how many devices and how many users can be a part of a Family for the purposes of both DRM management and remote Screen Time. These are poorly documented, but as best I can tell the limit is 5 family members and somewhere around 10 devices (it’s not clear how multi-user accounts on macOS are treated or Apple TV). Our family has five members so we’re pretty much at the limit and I think we’re at the absolute device limit as well.

I say “think” because it’s not clear that there are error messages, I think things simply break.

So the baseline situation is pretty bad, even before one runs into bugs with handing down devices between family members.

I made things worse though. For a book project I added a test account — sphone4all@icloud.com. That pushed us up to six family members and probably hit or exceeded our device limit. Since my test phone is an iPhone 6 [2] it can’t upgrade to iOS 13 and is no longer useful for the book project. So I decided to try to remove it.

That’s where my next set of problems began. I’d made the mistake of creating the book account with an “age” less than 13. Ages are important in Apple’s Screen Time world. Basically:

Age 18 or more: independence, controls stop working, can purchase ad lib, can be Organizer. (Basically at age 18 you need to remove children from Family.)

Age 13: non-vulnerable status but subject to controls, cannot be Organizer. Age 13-18 is the range for Screen Time and content sharing. If you are the caregiver for a vulnerable adult (ex: cognitive disability) and need Screen Time support you need to periodically adjust their birthdate so they are over 13 and under 18. (We need legislation so Apple supports cognitive disabilities the way they support visual disabilities.)

Age 12 or less: vulnerable status. See below for the special rules.

I’d blundered by creating an iCloud ID for a “child” account with a current age of < 13. These vulnerable user accounts are special:

  • They cannot be deleted by users. Only Apple can remove them. They can only be shifted between Family Organizers (supports divorce, parental death, remarriage, etc). If a child should die, the grieving parents will need to work with Apple support.
  • The birthdates cannot be changed. (Of course.)
  • Since they cannot be deleted the Organizer iCloud ID they are associated with cannot become a non-Family ID.
  • Since the Organizer ID must stay a Family ID the payment method cannot be removed from it.

That last bullet point is important. It’s a bit weird, but Apple documents how to create an Apple ID that doesn’t have a payment method. You can use it to buy free apps and tunes.

You can’t, however, turn that Apple ID into a family organizer:

If you're the family organizer for a Family Sharing group and want to share purchases with your family, you're required to have at least one payment method on file. A payment method is also required to set up accounts for children.

If you have an Apple ID like that, and you try to make it a Family Organizer in macOS Mojave iCloud despite the warning, you’ll get this helpful error message:


“There was an unexpected error”. Yeah, Apple was serious about that “requires a credit card” warning, they just didn’t code the error handler response for those who ignored it. I figured given the kludgy workaround Apple documented that the warning was obsolete. Wrong.

Why does Family Sharing require a payment method? I suspect Apple’s hacked together back ends can’t prevent some purchases even when there’s no payment method — and Apple doesn't want to get stuck with the tab. Another possibility is that it’s needed as part of Organizer identity tracing in case a vulnerable child family member is at risk.

So, what do you do when you have too many kids and you need to dump one that’s under 13?

The only recourse, short of phoning Apple support, is create another full Apple ID (age over 18), make it a Family Organizer, and transfer the sub-13 to that “Organizer”. You need hardware to create a full Apple ID, but if you have a Mac you can do it just by adding a system user. I did that to upgrade a limited Apple ID I’d created long ago to a full Apple ID. I then tried to use this fake parent/Organizer without a payment method, which is how I got the “unexpected error”.

After I added a real payment method and confirmed iTunes could see the account change I tried to again make that Apple ID the Organizer for a new family. This took a while. At first the macOS Mojave iCloud Preference Pane would simply display a blank window. After about five minutes it worked. I presume a back end system got updated.

From there I hopped through the transfer process between the macOS account for my new Organizer Apple ID and my iPhone that currently managed my faux 11yo. Some of the screens I saw are illustrative:

I got an error message during the process saying the request had expired, but it went through anyway. I think I got that errant error message because I backed up a screen to do a screenshot. Yeah, this stuff is fragile.

So it appears for now that I’ve moved my fake 11yo from my true Family to a new fake Family where it will sit for another 2 years. Then it will turn 13 and I can vaporize it (I’ve created a future task :-) and then I can remove the payment method for the fake Organizer.

Once I get my strength up I may try to contact Support about some of the other problems with our Family Screen Time, like that handed down device still stuck to my daughter’s account (or I can just wait until she’s 18 and exits).

Now I need some Scotch, but it’s still a bit early here ...

- fn-

[1] Extending the existing Family Sharing to enable remote Screen Time management was a fatal error.

[2] The iPhone 6 can’t move beyond iOS 12, but Apple is still supporting iOS 12 on it, and since iOS 12 is superior to 13 in several ways the 6 is arguably now a better phone than the 6s.


Sunday, December 01, 2019

How to create a file system reference to an iCloud Note

My daughter wanted us to use a shared Apple Note for trip planning. That's fine, but I wanted a way to reference it from the macOS folder that held other trip documents.

This worked:
  1. Open Safari and view the specific Note.
  2. Drag the URL ref to desktop creating a .webloc file, name it as desired
  3. Store .webloc file in folder
Funny bit: If you double-click the .webloc file it doesn't open Safari. It opens Mojave Notes.app with the specific Note selected and contents displayed.

This is the actual webloc content (I tweaked the GUID just in case it allows global access):
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>URL</key>
<string>https://www.icloud.com/notes/0HxBnHC0QgNjaCyxlsPXOLLvw</string>
</dict>
</plist>
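The .webloc above is an ordinary property list, so a folder of them can be checked for iCloud links before the folder is shared or archived. The following is an added example, not code from the original post: the function names, the host list and the sample token are constructed here, and it assumes (as the post's caution about the GUID suggests) that everything after the service name in the path identifies the shared item and should not be shown in a report.

```python
import plistlib
import tempfile
from pathlib import Path
from urllib.parse import urlsplit
from xml.parsers.expat import ExpatError

# Assumption: hosts treated as iCloud links (only www.icloud.com appears in the post).
ICLOUD_HOSTS = {"www.icloud.com", "icloud.com"}


def read_webloc_url(path):
    """Return the URL stored in a .webloc (XML or binary plist), or None."""
    try:
        with open(path, "rb") as fh:
            doc = plistlib.load(fh)  # auto-detects XML vs binary plist
    except (plistlib.InvalidFileException, ExpatError, ValueError, OSError):
        return None
    url = doc.get("URL") if isinstance(doc, dict) else None
    return url if isinstance(url, str) else None


def redact(url):
    """Keep scheme, host and service name ('notes'); hide the identifier after it."""
    parts = urlsplit(url)
    segments = [s for s in parts.path.split("/") if s]
    service = segments[0] if segments else ""
    hidden = "/<redacted>" if len(segments) > 1 else ""
    return f"{parts.scheme}://{parts.hostname}/{service}{hidden}"


def audit(root):
    """List .webloc files under root that are unreadable or point at iCloud."""
    findings = []
    for path in sorted(Path(root).rglob("*.webloc"), key=str):
        url = read_webloc_url(path)
        if url is None:
            findings.append((path.name, "unreadable", None))
            continue
        host = (urlsplit(url).hostname or "").lower()
        if host in ICLOUD_HOSTS:
            findings.append((path.name, "icloud-link", redact(url)))
    return findings


def demo():
    """Build a constructed sample folder and audit it."""
    note = {"URL": "https://www.icloud.com/notes/CONSTRUCTED-TOKEN-0000"}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "trip-note.webloc").write_bytes(plistlib.dumps(note))
        (root / "trip-note-binary.webloc").write_bytes(
            plistlib.dumps(note, fmt=plistlib.FMT_BINARY))
        (root / "hotel.webloc").write_bytes(
            plistlib.dumps({"URL": "https://example.com/booking"}))
        (root / "broken.webloc").write_bytes(b"not a plist")
        return audit(root)


if __name__ == "__main__":
    for name, kind, shown in demo():
        print(name, kind, shown)
```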

Saturday, May 25, 2019

Getting Emily's iCloud photos -- you can multi-select in Photos.web (again)

As recently as 2018, Apple had stopped supporting multi-select in iCloud Photos.web. It was really annoying.

Today it works. I don’t know when this was fixed. It didn’t get a lot of attention in my streams.

It’s a big feature for me.  Now if I want to add photos from my wife or daughter I can browse to their iCloud accounts, select from Photos.web, and download. Much easier than switching to a user account, running Photos.mac, waiting for it to sync, exporting to a shared account, etc, etc.

One odd thing, the file “Modified” date is “Tomorrow at 12:15am”. Presumably a server time zone problem….

Saturday, May 11, 2019

Screen Time old device bug: Dev used device ID as key, forgot Apple ID

There’s a well known old-device bug with Screen Time. Once you’ve set up Screen Time for a child’s device it will always show up under their Apple ID — even after you wipe the device.

So my daughter’s old iPhone 6 showed up under her Screen Time Apple ID — even after it had been wiped.

Today I changed the Apple ID for that device and enrolled it in Screen Time under a new Apple ID. Then I went to look at her Screen Time device list. Lo and behold — the old device was still there, but now its device name changed to match the device name it had when I reenrolled it with the new Apple ID.

So now one device shows twice in my remote Family Screen Time, once under my daughter’s device list, once under the new Apple ID.

I’ve read that Apple’s Screen Time was a “rush job”. Looks like the dev is doing Screen Time by storing a device identifier — maybe a Serial Number and the device name used at enrollment time. They should have used a combination of Apple ID and device identifier but they used device identifier alone.
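The keying problem guessed at above can be reproduced in a toy model. This is an added example, not Apple's code and not from the original post: both registry classes, the account names and the serial are constructed, the first class only models the post's hypothesis, and the ownership transfer in the second class is an addition beyond the composite key the post suggests.

```python
class DeviceKeyedRegistry:
    """Models the hypothesis: device metadata keyed by device ID alone."""

    def __init__(self):
        self.names = {}    # device_id -> display name (one shared row per device)
        self.members = {}  # apple_id -> list of enrolled device_ids

    def enroll(self, apple_id, device_id, name):
        # Re-enrolling overwrites the single shared row for this device ...
        self.names[device_id] = name
        ids = self.members.setdefault(apple_id, [])
        if device_id not in ids:
            ids.append(device_id)
        # ... and nothing removes the device from its previous account's list.

    def devices(self, apple_id):
        return [(d, self.names[d]) for d in self.members.get(apple_id, [])]


class AccountDeviceRegistry:
    """Rows keyed by (apple_id, device_id); a device has one current owner."""

    def __init__(self):
        self.rows = {}   # (apple_id, device_id) -> display name
        self.owner = {}  # device_id -> apple_id currently bound to it

    def enroll(self, apple_id, device_id, name):
        previous = self.owner.get(device_id)
        if previous is not None and previous != apple_id:
            # Retire the stale binding so the old account stops listing the device.
            del self.rows[(previous, device_id)]
        self.rows[(apple_id, device_id)] = name
        self.owner[device_id] = apple_id

    def devices(self, apple_id):
        return sorted((d, n) for (a, d), n in self.rows.items() if a == apple_id)


def replay(registry):
    """Replay the post's sequence: enroll, then re-enroll under a new Apple ID."""
    serial = "SERIAL-CONSTRUCTED-1"  # constructed device identifier
    registry.enroll("daughter@example.com", serial, "Daughter's iPhone 6")
    registry.enroll("new-id@example.com", serial, "Test iPhone")
    return (registry.devices("daughter@example.com"),
            registry.devices("new-id@example.com"))


if __name__ == "__main__":
    print("device-keyed :", replay(DeviceKeyedRegistry()))
    print("account-keyed:", replay(AccountDeviceRegistry()))
```

With the device-keyed model the phone is listed under both accounts and the old listing picks up the new name, which matches what the post observed.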

Two new discoveries in iOS Screen Time (parental controls): Age 13 and Apple ID incompatible with Screen Time

A reputable Twitter source recently wrote that “Screen Time” was "a rush job".

It feels that way. As part of a book project I’ve spent way too much time experimenting with Screen Time. It needs a top to bottom rewrite. Also needs an API so other vendors can extend what Apple offers. 

Anyway, I’ve learned two new things about Screen Time — two special ages and a hint about why one iPhone could not be enrolled in remote Screen Time.

First the ages. US Screen Time has two special ages: 13 and 18. We know about 18, but the 13 is new to me. 

If a Family Member's Apple ID birthdate means their current age is over 18 then remote screen time blocks are turned off. It’s an 18th birthday gift from Apple! This is a problem for special needs adults — chronologically 18 but very vulnerable. The workaround for a special needs adult is to set their AppleID birthdate so they are 14 (write down the birthdate you used, you may need it).

Note I wrote 14, not, say, 10. That’s because 13 is another special age. If a Family Organizer creates an Apple ID birthdate such that a family member’s age is under 13 they will see, after it’s been created, the message “Children under 13 cannot be removed from Family Sharing.” Not only can they not be removed, their birthdate cannot be changed either. You will need to call Apple Support to have changes made, and you may need to work with a supervisor. Meanwhile any devices with that Apple ID will count against your sharing cap.

What else did I learn?

I learned that some Apple IDs won’t work with Screen Time. It’s not clear why; I assume it’s an obscure bug somewhere in Apple’s creaky identity management infrastructure. When I set up a test phone for my book project I used an old Apple ID of mine. Without going into the convoluted history, that Apple ID is descended from an old mac.com/MobileMe email account and it’s all way too complex to describe. In any case, even though I'd changed the birthdate so age was 14, remote Screen Time settings didn’t “stick”. I’d enable them, they’d flip back to off. I changed the device Apple ID to a fresh one created from my Family Organizer account (which is how I discovered the 13 yo bit) and now it works.

Since my test iPhone doesn’t have a SIM card I wondered if that was part of my remote Screen Time problem. It wasn’t — my setup worked fine. Interestingly when I set the Apple ID this way both FaceTime and iMessage also worked without a SIM card — no ‘waiting for activation’ issues.