or Connect
AppleInsider › Forums › Mobile › iCloud › Apple rolls out two-step verification for iCloud.com Web apps
New Posts  All Forums:Forum Nav:

Apple rolls out two-step verification for iCloud.com Web apps

post #1 of 13
Thread Starter 
Apple on Monday appears to have rolled out a new implementation of its two-factor Apple ID authentication system with iCloud.com, requiring users who have the additional layer of security enabled to enter a special code before accessing the Web apps.




With the new implementation, shown in the screenshot above, Apple is expanding its two-step authentication security feature beyond Apple ID management and iCloud-connected features to the iCloud.com Web app suite. Prior to the change, iCloud.com was accessible via a simple password. The feature was first spotted by reader Stephan.

AppleInsider was able to confirm the new iCloud security feature is indeed Apple's normal two-factor authentication service, though it is unclear if the feature is in testing or nearing rollout. Certain Apple ID accounts we tested required the second verification, while though others did not.

Like Apple's other two-factor methods, iCloud.com asks users who log on to enter both a password and a four-digit verification code that is sent by the system to a trusted device. Once verified, all iCloud apps are unlocked and can be accessed normally.

We found signing out of iCloud.com will, in most cases, reset the verification mechanism, forcing the secondary code on each login attempt. In some instances, however, the system does not reset itself even after clearing cookies and toggling two-factor authentication via the Apple ID management webpage.




Apple has left the "Find My iPhone" Web app accessible even without secondary authentication in case the trusted iPhone or iPad goes missing.

Apple first introduced two-factor verification in March 2013 to provide an extra layer of security to Apple ID account holders. After launching in the U.S., Australia, Ireland, New Zealand and the U.K., two-step was expanded to Apple ID holders in Canada, France, Germany, Italy, Japan and Spain.in February.
post #2 of 13

I'm not sure I need to be THAT secure. Seems like it might quickly become a nuisance.

 

Not that I think it's a bad idea. It's a GREAT idea. I'm just not sure my account is at great enough risk to warrant an ongoing extra step. I log out every time I finish buying something, so I'd be doing the number dance a lot.

Lorin Schultz (formerly V5V)

Audio Engineer

V5V Digital Media, Vancouver, BC Canada

Reply

Lorin Schultz (formerly V5V)

Audio Engineer

V5V Digital Media, Vancouver, BC Canada

Reply
post #3 of 13

I'd wish Apple would hurry up and add more countries to 2-step verification to other countries. Google and others already have this globally.

post #4 of 13
If you know anyone who's had their email hacked ... and I know several people ... you will think differently about two-factor. Because the first thing they do is delete all your mail, and then they mail your contacts that you have changed your mail, and they give them a new fake email address for you.

But hey. Do whatever you want.
post #5 of 13
Good job Apple. Anything Apple can do to make the eco system safer, the better. An extra step or two in nothing compared to the Android / Microsoft world of hurt. Anyone complaining ... go buy an Android heap of crap or a Microsoft mobile device ... oh wait a minute do they have any?
From Apple ][ - to new Mac Pro I've used them all.
Long on AAPL so biased
"Google doesn't sell you anything, they just sell you!"
Reply
From Apple ][ - to new Mac Pro I've used them all.
Long on AAPL so biased
"Google doesn't sell you anything, they just sell you!"
Reply
post #6 of 13
Quote:
Originally Posted by Lorin Schultz View Post

I'm not sure I need to be THAT secure. Seems like it might quickly become a nuisance.

Not that I think it's a bad idea. It's a GREAT idea. I'm just not sure my account is at great enough risk to warrant an ongoing extra step. I log out every time I finish buying something, so I'd be doing the number dance a lot.

Just returned from Vancouver. Expensive and wet but wow what a fantastic city. Loved it.

Now, as to your comment, come on, anything Apple can do to make the only eco system is worth a shit, safer ..... 1smile.gif
From Apple ][ - to new Mac Pro I've used them all.
Long on AAPL so biased
"Google doesn't sell you anything, they just sell you!"
Reply
From Apple ][ - to new Mac Pro I've used them all.
Long on AAPL so biased
"Google doesn't sell you anything, they just sell you!"
Reply
post #7 of 13
@photoshop59
This is called keeping up with the times. Security is a big deal to a lot of people and adding 2 step is a great feature for those that WANT to take advantage of it. This will be an opt-in feature, not forced, just like all 2 step security.
Apple may be working on QR codes or maybe using their finger print scanner to authenticate without having to wait for a text with a 4 digit code.

Since you are So unhappy with apple and Tim cook, why don't you move on to android and windows since obviously security isn't an issue for you and get off Apple News sites.

If you have some creative way to have 2 step without adding "steps" why don't you head to apple.com/feedback and tell them how to do it better?

Oh wait, you live in moms basement and just complain, you don't have any better ideas....
iPhone 6 Plus 5.5" YES!
Reply
iPhone 6 Plus 5.5" YES!
Reply
post #8 of 13
Quote:
Originally Posted by photoshop59 View Post

^ trollish post

Trolls. So broke they can't even pay attention to the Shift key.

edit: deleted original trollish post
Edited by PhilBoogie - 6/30/14 at 11:58pm
Send from my iPhone. Excuse brevity and auto-corrupt.
Reply
Send from my iPhone. Excuse brevity and auto-corrupt.
Reply
post #9 of 13
Quote:
Originally Posted by PhilBoogie View Post


Trolls. So broke they can't even pay attention to the Shift key.

 

I've flagged him. If he left out the 'gay boy' part, I would have let his post slide.

post #10 of 13
Quote:
Originally Posted by BestKeptSecret View Post

Quote:
Originally Posted by PhilBoogie View Post

Trolls. So broke they can't even pay attention to the Shift key.

I've flagged him. If he left out the 'gay boy' part, I would have let his post slide.

You're a better man than me; I made the error of responding, something I don't think I should have done as these troll posts get repeated throughout a thread. Good thing a mod deleted my post, including the OP.

edit: I agree on your "if he left out..."
edit 2: I thought the post was deleted, apparently not. Oh well, now edited out the OP. Mods can delete it altogether for all I care.
Send from my iPhone. Excuse brevity and auto-corrupt.
Reply
Send from my iPhone. Excuse brevity and auto-corrupt.
Reply
post #11 of 13

Well this change screwed me over this weekend. I was updating all my devices IOS and OSX to the latest versions and this came up, it requirement me to verify my AppleID and icloud accounts. Since I have been a long time Apple user my Apple ID have never change form the early days when you needed an ID for the discussion communities as well as registering your Apple products. I had a simple ID which did not include an email address it was just my first initial and last name, been using it since the 90's it was my ID for itunes, AppleSeed program, as well as .mac me.com and then icloud. Everything I ever did with apple was under this one account, including all my itune purchases.

 

Well over the weekend since my email account with this ID was not verified they forced me to do that as well as change my password since they did not like my password and also put in a cell phone number to do a mobile verification. Well in middle of this process Apple converted my simple ID to an ID with an email address since now all Apple ID must use an email address which is verified. Since my verified email address was not the same as the icloud or .mac one I have it somehow unlink the .mac email account with the simple ID I was using. I use to be able to log into icloud with either the simple ID or the name@mac.com email address without an issue. After the whole process I went through I now have two Apple IDs the originally one I has since the 90's which was now converted to the personal email address and now the .mac/icloud account email based account.

 

Here is where the real issue came in all the purchases on all my iOS devices was done in the simple ID account, I go to update them yesterday and as usually Itunes ask you to log in withing the ID they were purchased with, well the simple ID is now gone, I can no longer log in with my simple ID it says it no longer exists. I spent an hour on the phone last night with Apple Support linking things back together, grant it I no longer have my simple ID I once had, I now have to log in with new email address based ID, but I can now update all my apps and such which were bought with the simple ID thanks to Apple support.

 

I give this as a warning to others who may have old Apple ID which were not based on an email address, Apple will force you to do away with this and if you do not pay close attention to what you are doing you will be hosed and require a call to Apple. My suggestion if to verify any old ID with either your .mac or icloud email accounts so they are one and the same, otherwise you will have two Apple ID accounts. Everything I said here about the ID and new verification process was confirmed by the Apple support person, Apple has put in new rules about User ID and passwords and such.


Edited by Maestro64 - 7/1/14 at 7:26am
post #12 of 13
Quote:
Originally Posted by digitalclips View Post

Just returned from Vancouver. Expensive and wet but wow what a fantastic city. Loved it.

Now, as to your comment, come on, anything Apple can do to make the only eco system is worth a shit, safer ..... 1smile.gif

Last time I was in Vancouver thieves broke into our vehicle. Yeah... what a city. 😙 ...but it is nice-looking.
Edited by SpamSandwich - 7/1/14 at 8:22am

Proud AAPL stock owner.

 

GOA

Reply

Proud AAPL stock owner.

 

GOA

Reply
post #13 of 13
Quote:
Originally Posted by digitalclips View Post

Just returned from Vancouver. Expensive and wet but wow what a fantastic city. Loved it.

 

Coming from Florida, you won't have the same perspective on the weather we have here. My wife and I grew up on the prairies, so we refer to the rain as "not snow." Whenever someone complains, we remind them "at least you don't have to shovel it!" That gets us through the winter. It's harder to be so positive in the summer.

 

Quote:
Originally Posted by digitalclips View Post

Now, as to your comment, come on, anything Apple can do to make the only eco system is worth a shit, safer ..... 1smile.gif

 

Definitely. Like I said, I think it's a great idea. I just decided not to do it because, since I log in and out all the time, I'd be doing the verification all the time. That would get old in a hurry. I rationalize my decision by believing that the risk of my account being hacked is low enough that I don't need to bother with the extra hassle.

Lorin Schultz (formerly V5V)

Audio Engineer

V5V Digital Media, Vancouver, BC Canada

Reply

Lorin Schultz (formerly V5V)

Audio Engineer

V5V Digital Media, Vancouver, BC Canada

Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iCloud
AppleInsider › Forums › Mobile › iCloud › Apple rolls out two-step verification for iCloud.com Web apps