Skip to main content

Apple turns on two-factor authentication for iCloud and Apple ID accounts

Apple this week launched two-factor authentication for iCloud and Apple IDs.

The optional feature will require users to verify their identities beyond providing their passwords when: signing in to an Apple ID to manage an account; buying something on iTunes, the App Store, or iBooks; or getting Apple ID-related support from Apple.

"Turning on two-step verification reduces the possibility of someone accessing or making unauthorized changes to your account information at My Apple ID or making purchases using your account," Apple said on its support website.

If you sign up for two-factor authentication, Apple will send a four-digit code to a trusted device capable of receiving such messages (like your iPhone) every time you try to sign in to your iCloud or Apple ID account, which you will have to enter as well as your standard password.

"After you sign in, you can manage your account or make purchases as usual," Apple said. "Without both your password and the verification code, access to your account will be denied."

Apple will also provide users with a 14-digit Recovery Key, which you can use in the event that you lose or misplace the device to which your 4-digit code is normally sent, or your forget your password.

It's up to you, however, to remember your password, and keep your device and recovery key in a safe place. "If you lose access to two of these three items at the same time, you could be locked out of your Apple ID account permanently," Apple warned.

Apple said it won't allow two-factor authentication to be set up on an account that has recently undergone any major updates - like a password reset or change in security questions. If this is the case, Apple will implement a waiting period before two-factor authentication can be enabled, which it will alert you to via email.

"This waiting period helps Apple ensure that you are the only person accessing or modifying your account," Apple said. "While you are in this waiting period, you can continue using your account as usual with all Apple services and stores."

Initially, two-factor authentication will be available for Apple customers in the US, UK, Australia, Ireland, and New Zealand. Additional countries will be added over time.

A number of companies have enabled two-factor authentication in recent months in an effort to strengthen security. Apple's change comes several months after journalist Mat Honan had all of his data wiped thanks to a hacker who took advantage of various linked accounts.

"Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter," he wrote in August.

Honan acknowledged that had he turned on Google's two-factor authentication, none of this probably would've happened. The Honan hack prompted Amazon to stop letting Amazon customers change account settings like email and credit card data over the phone.