Apple has published a new support document detailing its plans to revamp the existing two-factor authentication system that it first launched last year. The document is careful to differentiate the two systems, referring to the existing one as “two-step verification” and the newer one as “two-factor authentication.”
The latest update to the iOS 9 beta has introduced initial support for the new system, but most users, including those running the beta, will need to wait until later this year to gain access to it.
Apple’s current “two-step verification” system uses a four-digit code that appears on users’ mobile devices to verify their identity when they log into an Apple service, app, or website. The new system will replace these four-digit codes with six-digit versions (similar to how 4-digit lock codes on iOS have been replaced by 6-digit codes in iOS 9).
Currently two-step verification is run through the Find My iPhone application for iOS, but starting with iOS 9 and OS X El Capitan, the new system will be built directly into the operating systems. The entire process for adding “trusted” devices to your account has been changed, according to Apple.
Interestingly, the new two-factor system will not only show login codes on iOS devices, but also on Macs running OS X 10.11. This will be especially useful for situations where a user doesn’t have their phone with them, or the phone is dead. You can also receive the login code via SMS or a phone call.
Users on the current system will be able to keep using it separately if they wish.
Along with this new login system comes a new way to manage your trusted devices. Any Mac, iPhone, iPad, or iPod touch that has been logged into your iCloud account can be found in a list in your iCloud settings panel. On iOS, this is accessible by tapping your name at the top of the iCloud page of the Settings app, while Mac users will find it by clicking “Account Details” on the iCloud System Preferences pane.
From here you can remove any device from your iCloud account, which will prevent them from receiving any more login verification codes. The iOS version of this screen also allows you to open the device’s location in the Find My iPhone app, which is now built into the OS. Also included in the iOS iCloud settings is a button to view a verification code on-demand. Typically these codes will be displayed automatically, but if you’ve dismissed your code and need to view it again, you can do so here.
The new two-factor authentication system will be available to all users in the fall when iOS 9 and El Capitan launch. Until then, select users running the developer preview or public beta will be able to test the feature. Apple will invite users who have installed the new software to participate in this program gradually during this stage. Apple has also recommended that users currently enrolled in the existing two-step verification system not make the switch until the newer system is rolled out later this year.
Users who have been selected to partcipate will see the option to set up two-factor authentication during the first-boot setup on a new Mac or iOS device running iOS 9. Those who have already run the Setup Assistant before being invited will be able to activate the new system through the account page of the iCloud settings panel.
For users with devices running older versions of iOS and OS X, there may not be a popup to enter verification codes when logging into a new app or service. Apple says those users may be prompted to include the 6-digit code at the end of their password. Devices on older software versions will not be able to receive the codes necessary to verify other devices.
Finally, Apple says a two-week opt-out period will be offerred to all users who are invited to the program. Opting out will reset their Apple ID credentials to the state they were in prior to joining the beta, including a full rollback of any security questions that have changed in that time.
FTC: We use income earning auto affiliate links. More.
The article also mentions something about the public betas.
Yeah, Apple said those were coming at some point this month. No date was given.
Man this is such a huge improvement.
I’ve been having this terrible iCloud bug and they keep asking me to switch my account into trouble shooting mode (meaning change password) and every time I do it’s such a confusing process with App specific passwords and two step verification popups.
Much cleaner.
Oh my GOSH if you knew the trouble I’ve had with these awful app-specific passwords… ugh. Glad those won’t be necessary.
Sure hope people can change that 6-digit iPhone lock code back to a 4-digit one.
Also keeps your serial number which is great if someone has their device stolen. They can now provide that to the proper authorities without having to have it written down somewhere.
TouchID for apps and Apple Pay has been fantastic. Having better authentication and management of authentication and trusted devices in general is going to become increasingly important.
In the US knowing a Social Security Number is not really authentication. So device authentication will be key.
Visit CrazyUDiD.com! Register your device and get access to the iOS 9’s brand new features!
We are also giving away 2 Apple Watches and other prizes, don’t miss this opportunity!
Have they fixed the problem with having multiple Apple IDs with 2-factor authentication on? Currently, since only one Apple ID can be logged into the iCloud account, if another Apple ID is used (say for iTunes), there’s no way to get push login codes for that account. The only option is to use text messaging, which is less than ideal for people who pay per text.