Apple is officially rolling out the two-factor authentication (2FA), which is also known as two-step verification, to Apple ID accounts that are used in most iDevices – iPhone, iPad, iPad mini, MacBook, iMac and iCloud. 2FA is an approach to authentication which requires two types of verification, comprising of a knowledge factor (a password, which is something you know) and a possession factor (typically SMS send to your mobile phone or a security code generated by token, which is something you have).
The additional layer of identity verification greatly improves the security of an account, especially an online account which subjects to brute-force attack and other hacks.
Now it’s possible to turn on the two-step verification for your Apple ID to further secure the account. Once enabled, additional verification step using one of your device is required when performing the following actions:
- Sign in to My Apple ID to manage your account.
- Make an iTunes, App Store, or iBookstore purchase from a new device.
- Get Apple ID-related support from Apple.
Unfortunately, the 2-step verification of Apple ID does not apply to log in to iCloud, which continues to allow access to Mail, Contacts, Calendar, Notes, Reminders, Documents in the Cloud, and Find My iPhone with just the user name and password authentication. Unlike Google Account with requires generation of app-specific password when setting up application to access emails, Apple ID continues to allow email to be accessed with just user ID and password credentials without second-step verification.
But it’s still better than none. If you want to make your Apple ID account more secure, here’s how to enable the 2FA on your Apple ID:
- Visit Apple ID web page.
- Select Manage your Apple ID and sign in.
- Select Password and Security and answer the security questions.
- Under Two-Step Verification, select Get Started.
- Apple presents three pages of warning and more information about two-step verification, click Continue twice, and then follow by Get Started.
- The first step is to verify any iOS devices that have Find My iPhone enabled with your Apple ID as trusted device, and/or to add a SMS-capable phone number (at least one verified trusted device is required, but Apple also recommends to have at least one SMS-capable phone number as it can be used to receive verification code even in the case of lost or replacement).
Apple automatically displays a list of iOS devices that already have Find My iPhone set up. Click on Verify next to the selected device to have a verification code sent to the phone through Find My iPhone. Once the iOS device is verified, you have the choice of whether to verify its phone number to allow receiving of verification code through SMS, in addition to Find My iPhone, due to reason mentioned above.
To add a phone number as a SMS-capable trusted device, click on Add an SMS-capable phone number…. Then, choose your country and enter your area code and phone number. Apple will send a verification code through SMS. All SMS sent is free.
- When you are finished verifying devices or adding SMS-capable phone number, click Continue.
- A 14-character Recovery Key is shown on screen, click Print Key to print it out and safe-keep it properly. Recovery Key is needed to access your account if you ever forget your password or lose your verified devices. Then, click Continue.
- On the next step, you’re required to enter the Recovery Key to verify the you’re copied it correctly, and then click Confirm to continue.
- On the last step, read through the warning again. If you’re certain that you want to go ahead to enable the two-step verification on your Apple ID account, select the check box of I understand the conditions above, then click Enable Two-Step Verification.
- Click Done when prompted that Two-step verification has been enabled for your Apple ID.
The set up of 2FA for Apple ID has been completed, and you’ll receive email notification for the change too. From now on, you’re need to enter a verification code which is sent to one of your verified device (you’ll be asked to choose which trusted device you want the code to send to), in addition to usual password.
The good thing after enabling the two-step authentication is that you no longer need to remember the answers to the security questions, which they’re no longer in used.
According to the FAQ, initially the Apple ID two-step verification is only available in the U.S., UK, Australia, Ireland, and New Zealand. From September 2014, most likely due to the “TheFappening” celebrities nude photos and videos leaked from iCloud, the 2FA for Apple ID has been expanded to tens of countries. Do check out if you can set the 2FA yet, but if you’re not seeing it, it means the option to enable two-step verification is not available for your country yet.