Skip to main content

Apple beefs up iCloud, Apple ID security with two-step verification

Screen Shot 2013-03-21 at 2.31.03 PM

Today, Apple has rolled out a new two-step verification service for iCloud and Apple ID users. This functionality greatly enhances the security of Apple accounts because it requires users to use a trusted device and an extra security code.

This security code can be sent via SMS or via the Find my iPhone iOS app (if it is installed). Users can now setup two-step authentication on their devices via the Apple ID website. Users need to access the security tab on this website to conduct the setup process.

Screen Shot 2013-03-21 at 2.31.07 PM

During the setup process for two-step verification, users can choose which of their iOS devices they want to be “trusted.” This new service will allow only you to be able to reset your password. All of the details below:

Apple’s two-step verification is available in the U.S., U.K, Australia, Ireland, and New Zealand.

Last year, the security of Apple’s online services came into question when technology writer Mat Honan’s digital life was hacked via social engineering. His iCloud account was hacked and accessed. His computer ended up being completely erased via Apple’s Find my Mac restore feature.

Apple requires users to print out a recovery key. This key is the only way to access your iCloud or Apple ID account if you cannot access your iOS device. Apple’s phone support will no longer be able to reset your Apple account password.

Notably, Google’s online services have offered two-step verification for years.

Earlier today, Apple begun training its AppleCare phone support employees on the new system. Details of Apple’s training materials are directly below. Additionally, several more details are below.

Screen Shot 2013-03-21 at 2.28.13 PM

Below are all of the details about two-step verification:

What is two-step verification for Apple ID?

Two-step verification is an optional security feature for your Apple ID. It requires you to verify your identity using one of your devices before you can:

  • Sign in to My Apple ID to manage your account.
  • Make an iTunes, App Store, or iBookstore purchase from a new device.
  • Get Apple ID-related support from Apple.

Turning on two-step verification reduces the possibility of someone accessing or making unauthorized changes to your account information at My Apple ID or making purchases using your account.

Why should I use two-step verification with my Apple ID?

Your Apple ID is the key to many important things you do with Apple, such as purchasing from the iTunes and App Stores, keeping personal information up-to-date across your devices with iCloud, and locating, locking, or wiping your devices. Two-step verification is a feature you can use to keep your Apple ID as secure as possible.

How do I set up two-step verification?

Set up two-step verification at My Apple ID (appleid.apple.com):

  1. Select “Manage your Apple ID” and sign in.
  2. Select “Password and Security.”
  3. Under Two-Step Verification, select Get Started and follow the on-screen instructions.

How does it work?

When you set up two-step verification, you register one or more trusted devices. A trusted device is a device you control that can receive 4-digit verification codes using either Find My iPhone notifications or SMS to verify your identity.

Then, any time you sign in to manage your Apple ID at My Apple ID or make an iTunes, App Store, or iBookstore purchase from a new device, you will need to enter both your password and a 4-digit verification code as shown below.

Enter your Apple Id, receive a verification code, enter your code to verify your identity and finish singing in

After you sign in, you can manage your account or make purchases as usual. Without both your password and the verification code, access to your account will be denied.

You will also get a 14-digit Recovery Key for you to print and keep in a safe place. You will use your Recovery Key to regain access to your account if you ever lose access to your devices or forget your password.

Do I still need to remember any security questions?

With two-step verification, you do not need to create or remember any security questions. Your identity is verified exclusively via your password, verification codes sent to your trusted devices, and your Recovery Key.

How do I use Find My iPhone notifications to receive verification codes?

Find My iPhone notifications can be used to receive verification codes on any iOS device with Find My iPhone turned on. Learn how to set up Find My iPhone.

Which SMS numbers should I verify for my account?

You should verify all SMS-enabled phone numbers that you normally use with your iPhone or other mobile phone. You should also consider verifying an SMS-enabled phone number used by someone close to you, such as a spouse or other family member. You can use this number if you are temporarily without access to your own devices.

Note: You cannot use landline or web-based (VOIP) phone services for two-step verification.

Where should I keep my Recovery Key?

Keep your Recovery Key in a secure place in your home, office, or other location. You should consider printing more than one copy so that you can keep your key in more than one place. This will make it easier to find if you ever need it and ensure that you have a spare copy if one is ever lost or destroyed.

You should not store your Recovery Key on your device or computer since that could give an unauthorized user instant access to it.

Can I turn off two-step verification after I turn it on?

Yes. Learn how to turn off two-step verification in this article.

What do I need to remember when I use two-step verification?

Two-step verification simplifies and strengthens the security of your account. After you turn it on, there will be no way for anyone to access and manage your account at My Apple ID other than by using your password, verification codes sent your trusted devices, or your Recovery Key. You must be responsible for:

  • Remembering your password.
  • Keeping your trusted devices physically secure.
  • Keeping your Recovery Key in a safe place.

If you lose access to two of these three items at the same time, you could be locked out of your Apple ID account permanently.

In addition, with two-step verification turned on, only you can reset your password, manage your trusted devices, or create a new recovery key.

Apple Support can help you with other aspects of your service, but they will not be able to update or recover these three things on your behalf.

What if I lose my Recovery Key?

You can replace your Recovery Key any time by visiting My Apple ID:

  1. Select “Manage your Apple ID” and sign in with your password and trusted device.
  2. Select “Password and Security.”
  3. Under Recovery Key, select Replace Lost Key.

Note: When you create a new key, your old Recovery Key is no longer usable. See this article for more information.

What if I forget my Apple ID password?

You can reset your password at My Apple ID by using your Recovery Key and one of your trusted devices.

Note: Apple Support can not reset your password on your behalf. To reset your password, you must have your Recovery Key and access to at least one of your trusted devices. See this article for more information.

What if I lose or give away one of my trusted devices?

If you no longer have access to one of your devices, go to My Apple ID to remove that device from your list of trusted devices as soon as possible so that it can no longer be used to help verify your identity.

What if I no longer have access to any of my trusted devices?

If you cannot access any of your trusted devices, you can still access your account at My Apple ID using your password and Recovery Key. You should verify a new trusted device as soon as possible. See this article for more information.

Why was I asked to wait before setting up two-step verification?

As a basic security measure, Apple does not allow two-step verification setup to proceed if any significant changes have recently been made to your account information. Significant changes can include a password reset or new security questions. This waiting period helps Apple ensure that you are the only person accessing or modifying your account. While you are in this waiting period, you can continue using your account as usual with all Apple services and stores.

Apple will send an email to all the addresses you have on file notifying you of the waiting period and encouraging you to contact Apple Support if you think that someone else has unauthorized access to your account. You will be able to return to set up two-step verification after the date listed on your Apple ID account page and in the email that you receive.

In which countries is two-step verification available?

Initially, two-step verification is being offered in the U.S., UK, Australia, Ireland, and New Zealand. Additional countries will be added over time. When your country is added, two-step verification will automatically appear in the Password and Security section of Manage My Apple ID when you sign in to My Apple ID.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Charlie Linda Kincer - 9 years ago

    I can’t change my email adress

  2. Johnny Dangerously - 9 years ago

    [users can choose which of their iOS devices they want to be “trusted.”]
    ~
    I only have ONE “iOS device. How does THAT work?