or Connect
AppleInsider › Forums › General › General Discussion › Apple begins worldwide rollout of two-step verification system
New Posts  All Forums:Forum Nav:

Apple begins worldwide rollout of two-step verification system

post #1 of 25
Thread Starter 
Apple recently introduced its two-step identification verification system to at least 13 new countries as part of a worldwide rollout, with Apple ID account holders in those nations now granted access to the heightened security feature first deployed in March.

Apple ID


Users from Argentina, Austria, Belgium, Brazil, Canada, Italy, Pakistan, Poland, Portugal, Germany, Mexico, the Netherlands and Russia are reporting the appearance of Apple's new two-step verification feature, which was previously limited to the US, UK, Australia, Ireland, and New Zealand.

It is unclear if additional countries have seen activations, as Apple's FAQ page has yet to be updated to reflect the new availability.

With two-step verification enabled, any time any time a user signs in to the My Apple ID webpage to make changes, or purchases content from iTunes on a new device, they are prompted to enter their password and a 4-digit verification code. The code is sent to a trusted device, such as an iPhone or iPad, through the Find My Phone app. Owners of other handsets receive codes via SMS text message.

A recovery key is provided in the event that the phone tied to the account is lost or stolen.

While not a completely foolproof security solution, the additional step provides an added safeguard against malicious users or attempts to break into a user's Apple ID.
post #2 of 25

Turned it on when it first became available, no problems, very much in the background since I have only been using my regular devices.

post #3 of 25
It is available in Singapore.
post #4 of 25
Just signed up from Canada.. Need to wait 3 days to activate since I had to change my password.
post #5 of 25
Quote:
Originally Posted by Slurpy View Post

Just signed up from Canada.. Need to wait 3 days to activate since I had to change my password.

 

I just tried from Vancouver and can find no reference to it. I must not be looking in the right place.

post #6 of 25
Quote:
Originally Posted by v5v View Post

I just tried from Vancouver and can find no reference to it. I must not be looking in the right place.

Did you sign on to manage your account? If so, did you go to passwords and security? If so, did you then answer the 2 security questions to proceed?

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #7 of 25
Quote:
Originally Posted by SolipsismX View Post


Did you sign on to manage your account? If so, did you go to passwords and security? If so, did you then answer the 2 security questions to proceed?

 

Is that the extra stage -- the security questions? If so, Canada had this weeks (months?) ago because I set those up so long ago I couldn't remember the answers anymore!

post #8 of 25
Quote:
Originally Posted by v5v View Post

Is that the extra stage -- the security questions? If so, Canada had this weeks (months?) ago because I set those up so long ago I couldn't remember the answers anymore!

It's not the extra stage in regards to the two-step verification, but you need to answer them before you can setup the two-step verification.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #9 of 25
Originally Posted by v5v View Post

 

Is that the extra stage -- the security questions? If so, Canada had this weeks (months?) ago because I set those up so long ago I couldn't remember the answers anymore!

 

I recommend making up false answers to the security questions.  That way, even if a would-be attacker knows some of your personal details, they'll still need to guess.  E.g. birthdate: 8/8/88, honeymoon in Darfur Sudan, first car: Black 1998 McLaren F1, etc. 

Sent from my iPhone Simulator

Reply

Sent from my iPhone Simulator

Reply
post #10 of 25
Quote:
Originally Posted by SockRolid View Post

I recommend making up false answers to the security questions.  That way, even if a would-be attacker knows some of your personal details, they'll still need to guess.  E.g. birthdate: 8/8/88, honeymoon in Darfur Sudan, first car: Black 1998 McLaren F1, etc. 

I assumed he did, which is why he couldn't remember the answers.

I use random words for mine (e.g.: sandwich, sediment, yellow*). I do keep them stored in 1Password as a note or cropped screenshot image when I set them up. If you get access to that I'm screwed. My password for 1Password is about 100 characters long but it's still vulnerable to key logging which is why I recommend that no one run as an Admin on Mac OS or Windows if you install apps willy-nilly.




* These are not ones I actually use but ones I made up for this post.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #11 of 25
All roads lead to CAPTCHA. That's when 2 steps turn into about 8. Or 20.

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #12 of 25
Quote:
Originally Posted by Suddenly Newton View Post

All roads lead to CAPTCHA. That's when 2 steps turn into about 8. Or 20.

I can never seem to do most CAPTCHAs on the first try. I absolutely hate the technology and have stopped signing up for a site once I came to its CAPTCHA.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #13 of 25
Quote:
Originally Posted by SolipsismX View Post

It's not the extra stage in regards to the two-step verification, but you need to answer them before you can setup the two-step verification.

 

 

The link you provided lists the following instructions:

 

Quote:

From Apple's web site:

 

How do I set up two-step verification?

Set up two-step verification at My Apple ID (appleid.apple.com):

  1. Select "Manage your Apple ID" and sign in.
  2. Select "Password and Security."
  3. Under Two-Step Verification, select Get Started and follow the onscreen instructions.

 

When I sign in and select "Password and security" there is no reference to Two-Step Verification at all. I then tried answering the verification questions, but all that gave me was the option to change my verification questions and answers. Again, nothing about Two-Step.

 

Oh well. I'll try again in a few weeks. If I remember.

post #14 of 25
Quote:
Originally Posted by v5v View Post


The link you provided lists the following instructions:


When I sign in and select "Password and security" there is no reference to Two-Step Verification at all. I then tried answering the verification questions, but all that gave me was the option to change my verification questions and answers. Again, nothing about Two-Step.

Oh well. I'll try again in a few weeks. If I remember.

When you say "tried" are you saying you correctly did answer them? Again, if you don't correctly answer them you may not see the option for setting up the Two-Step Verification.

"Do or do not. There is no try." ~Ghandi

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #15 of 25
Quote:
Originally Posted by SolipsismX View Post

When you say "tried" are you saying you correctly did answer them? Again, if you don't correctly answer them you may not see the option for setting up the Two-Step Verification.

 

Yeah, I eventually figured out which mock answers I'd specified! I meant that I answered the questions to proceed to the next page, one step past what the instructions explicitly specified, in case it was implied. There was no mention of Two-Step anywhere in the process.

 

 

Quote:
Originally Posted by SolipsismX View Post

"Do or do not. There is no try." ~Ghandi
 

Ghandi? I thought that was Yoda?

post #16 of 25
Quote:
Originally Posted by v5v View Post

Yeah, I eventually figured out which mock answers I'd specified! I meant that I answered the questions to proceed to the next page, one step past what the instructions explicitly specified, in case it was implied. There was no mention of Two-Step anywhere in the process.

That was how it appeared for me. Perhaps the rollout is even staggered within a nation; which is a good thing for Apple to do, but they really should send an email when it's available.
Quote:
Ghandi? I thought that was Yoda?

Both fictional characters with super powers¡ Who can keep them all straight?
Edited by SolipsismX - 5/11/13 at 1:34pm

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #17 of 25
This reminds me of Blizzards Battle.net authenticator.
post #18 of 25
Quote:
Originally Posted by Totems View Post

This reminds me of Blizzards Battle.net authenticator.

That's because both are two-step verification systems. It's something you know (Your password) and something you have access to - your iOS device (there is also another choice, something you are - that's biometrics, but they've proven elusively hard to make commercially viable at a reasonable cost). If you have a door at your work place that has a keycard and a pin code, that's two-step verification too. 

 

I've been using Battle.net Auth for years. Blizzard encourages it so highly that if you have an authenticator attached to your account (either a little keyfob they give away for shipping cost or the iPhone/Android App) they attach a companion pet to your account - a tiny two-headed firebreathing dog called a Core Hound Pup. 

post #19 of 25
Quote:
Originally Posted by SolipsismX View Post


I assumed he did, which is why he couldn't remember the answers.

I use random words for mine (e.g.: sandwich, sediment, yellow*). I do keep them stored in 1Password as a note or cropped screenshot image when I set them up. If you get access to that I'm screwed. My password for 1Password is about 100 characters long but it's still vulnerable to key logging which is why I recommend that no one run as an Admin on Mac OS or Windows if you install apps willy-nilly.




* These are not ones I actually use but ones I made up for this post.

I also use 1Password and random answers for questions like: rf4aTKbZxJSDmE2Uc.mku"GRD. I heard that LastPass has two factor authentication for master password so I'm thinking to migrate to LastPass but I don't know if they have a standalone app for desktop.

post #20 of 25
Quote:
Originally Posted by NelsonX View Post

I also use 1Password and random answers for questions like: rf4aTKbZxJSDmE2Uc.mku"GRD. I heard that LastPass has two factor authentication for master password so I'm thinking to migrate to LastPass but I don't know if they have a standalone app for desktop.

I'm not a fan of LastPass. Besides the web-based interface I am not a fan that all my data is saved on their servers. I don't think that LastPass would compromise my data willingly, and like to assume that even their users can't see the contents of their database, but it does make it one giant target for hackers. With 1Password they'd have to use a much more pointed attack since each account stores the database independently.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #21 of 25
Quote:
Originally Posted by SolipsismX View Post

I'm not a fan of LastPass. Besides the web-based interface I am not a fan that all my data is saved on their servers. I don't think that LastPass would compromise my data willingly, and like to assume that even their users can't see the contents of their database, but it does make it one giant target for hackers. With 1Password they'd have to use a much more pointed attack since each account stores the database independently.

They store all clients data in one single DB? That's the most ridiculous thing I've read since, well, ok, I read a lot of stupid things. But this config takes the cake ¡
I’d rather have a better product than a better price.
Reply
I’d rather have a better product than a better price.
Reply
post #22 of 25
Quote:
Originally Posted by PhilBoogie View Post

They store all clients data in one single DB? That's the most ridiculous thing I've read since, well, ok, I read a lot of stupid things. But this config takes the cake ¡

It's server-side so I assume they do. Either way it's not the setup I prefer using.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #23 of 25
Quote:
Originally Posted by SolipsismX View Post

Quote:
Originally Posted by PhilBoogie View Post

They store all clients data in one single DB? That's the most ridiculous thing I've read since, well, ok, I read a lot of stupid things. But this config takes the cake ¡

It's server-side so I assume they do. Either way it's not the setup I prefer using.

+1

I like databases, but knowing these can get corrupt I'd setup a unique DB for each client.
I’d rather have a better product than a better price.
Reply
I’d rather have a better product than a better price.
Reply
post #24 of 25

Deleted. (Is there no way to delete a post?)


Edited by Usiris - 5/29/13 at 5:13pm
post #25 of 25
Quote:
Originally Posted by v5v View Post

Quote:
Originally Posted by SolipsismX View Post

When you say "tried" are you saying you correctly did answer them? Again, if you don't correctly answer them you may not see the option for setting up the Two-Step Verification.

 

Yeah, I eventually figured out which mock answers I'd specified! I meant that I answered the questions to proceed to the next page, one step past what the instructions explicitly specified, in case it was implied. There was no mention of Two-Step anywhere in the process.

 

 

Quote:
Originally Posted by SolipsismX View Post

"Do or do not. There is no try." ~Ghandi
 

Ghandi? I thought that was Yoda?

 

The two-step verification option still hasn't showed up in my Canadian account.

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › Apple begins worldwide rollout of two-step verification system