Unless you've been completely avoiding the news this past week, you will have heard about Apple's little problem with nude photos being stolen from celebrity accounts. The company has strongly denied that there has been a security breach, but in a statement it advised customers to check the strength of their passwords as well as enabling two-step verification.
Two-factor authentication - also known as two-step verification - is a stronger method of security because it relies not only on something you know (your password), but also something you have (like your iPhone). It sounds good, but how do you go about implementing it with your Apple account?
It's a simple enough process, but you'll need to set aside a little time to get everything set up.
- Head over to the My Apple ID page.
- Click Manage your Apple ID and sign into your account.
- Head to the Password and Security section and answer your security questions.
- Under the Two-Step Verification heading, click the Get started link.
- Click Continue and then confirm that you want to enable the extra security by clicking Continue again.
- Click Get Started and you'll find that… you need to come back in three days' time.
You'll receive a reminder email, and you'll need to head back to the site after that time. You'll then be guided through the process of linking a trusted device to your account and setting up a recovery PIN. When you log into your account in future, a PIN will be sent to your device, and you'll need to confirm your identity by providing this code.
While doing this will help to improve the security of your account, it is not the final word in security. You will only need to verify your identity using one of your devices in one of three circumstances: when you sign in to My Apple ID to manage your account; when you make an iTunes, App Store, or iBooks Store purchase from a new device; when you get Apple ID related support from Apple.
Have you enabled two-factor authentication on your Apple account as a result of the photo leaks? Perhaps you find that it's too much hassle and you prefer to stick with an old fashioned password and nothing else.