Skip to main content

PSA: Don’t enable an Apple ID recovery key yet – or maybe ever

We explained way back in 2014 why you might want to have an Apple ID recovery key. In those days, it was an extra precaution you could take against getting locked out of your account.

Apple abandoned recovery keys when it switched to a smarter two-factor authentication process, before reintroducing them in a new form in iOS 14. However, they now work in a different way. You definitely won’t want to enable one now, and you may not want to do so ever …

Macworld has a lengthy explanation of why that is, beginning with why you shouldn’t do it now.

Apple has updated necessary pieces of iOS, iPadOS, and macOS to let you set a recovery key. But weeks after iOS 14 and iPadOS 14 were released, the Apple ID support sites, Apple Support app, and Find My app remain out of date with the use of this newly revived recovery key, even though various support documents have been updated to explain correctly some of the details of how it’s intended to work.

I recommend not enabling a recovery key until Apple has fully updated its ecosystem to explain and support the feature.

But it goes on to explain that the key now works in a different way. First, if you enable a recovery key, you will need to use it if you ever need to reset your Apple ID password. Normally, you can approve this from one of your trusted devices, but with the recovery key enabled, you need that plus a trusted device. Lose your key, and you lose your ability to reset your password. That warning is not currently given in the Settings app, which instead says that it is either/or, as it used to be.

Don’t think you can regenerate your recovery key if you lose it, either.

The key is only shown once ever. An encrypted form of the code is all that Apple retains, and there’s no way to ever retrieve the original key if you didn’t record it when it was displayed initially.

Second, should the worst happen and someone manages to change your password using one of your trusted devices and your passcode, Apple will no longer be able to help.

Without a recovery key, Apple offers a special Apple ID recovery process, which is intentionally designed to take time and require substantial documentation to prevent identity theft.

With a recovery key, this last-ditch option is no longer available. If you lose all access to your trusted devices, through accidental loss, theft, or natural disaster, your Apple ID account is completely irretrievable. So you need to balance the increased account integrity you would gain against the potential of losing your account forever in the worst circumstance.

If you are considering the use of a recovery key, I recommend reading the entire piece first.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel



Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!

Ben Lovejoy's favorite gear