Apple ID security improved with new two-step verification option
Apple on Thursday improved its security system for Apple ID accounts tied to services like iCloud and iTunes, offering users two-step verification for when making changes to an account.

The feature began rolling out to Apple ID owners on Thursday, and allows those with accounts for services like iCloud, the iTunes Store, App Store and others to enable it on the Apple ID website.
Once two-step verification has been turned on, a user can receive verification codes on their mobile device, such as an iPhone or iPad. On iOS devices, the codes are received via the Find My iPhone application, while other handset users can receive the code via text message.
Once the code arrives, an iOS lock screen will display the notification that users must "unlock to view your verification code."
Apple also offers users the ability to have a recovery key as a precaution, in the event that their mobile phone tied to the account is lost or stolen.

The feature began rolling out to Apple ID owners on Thursday, and allows those with accounts for services like iCloud, the iTunes Store, App Store and others to enable it on the Apple ID website.
Once two-step verification has been turned on, a user can receive verification codes on their mobile device, such as an iPhone or iPad. On iOS devices, the codes are received via the Find My iPhone application, while other handset users can receive the code via text message.
Once the code arrives, an iOS lock screen will display the notification that users must "unlock to view your verification code."
Apple also offers users the ability to have a recovery key as a precaution, in the event that their mobile phone tied to the account is lost or stolen.
Comments
I have never had to use a two step verification for Gmail, Google Docs, or other features that are similar to iCloud.
Are you talking about when you use Google Voice to pair a phone number with a phone, because that's completely different.
p.s. thoughs = those
Nice... the system works much the same as Google's has for quite some time:
01) First enable it on the Apple ID website.
02) Then use your mobile device to receive verification codes as needed to sign into various Apple services.
You're right, they have had a two-step verification option, but I like this more.
Quote:
Originally Posted by SolipsismX
I have never had to use a two step verification for Gmail, Google Docs, or other features that are similar to iCloud.
Are you talking about when you use Google Voice to pair a phone number with a phone, because that's completely different.
Apple's two-step verification is identical to Google's. But, it's not a required feature. It's an opt-in.
http://support.google.com/accounts/bin/answer.py?hl=en&answer=180744&topic=1099588&ctx=topic
I hope not. If anything, what I want is a way to turn the security off. It's really annoying to have to keep entering my Apple ID every time I want to DL something. I'd like to see a "remember me" checkbox, so that the online stores work the same on my iPhone and iPad as they do on my Macs.
Quote:
Originally Posted by DaHarder
Nice... the system works much the same as Google's has for quite some time:
01) First enable it on the Apple ID website.
02) Then use your mobile device to receive verification codes as needed to sign into various Apple services.
Quote:
Originally Posted by NexusPhan
Finally caught up to Google's two step verification from a few years ago. It's really a great security feature to have.
Was Google the first to do this, or did they borrow the idea from someone else? (I remember doing two-step verifications in many websites starting in the late 1990s).
If the latter, what's your point?
Quote:
Originally Posted by NexusPhan
Apple's two-step verification is identical to Google's. But, it's not a required feature. It's an opt-in.
Umm.... more choice is bad?
Surely Google invented it¡
Quote:
Originally Posted by SolipsismX
Surely Google invented it¡
Something I Never Said/Posted... Ever.
Though it's quite obvious that: Surely You're Just Trolling (as usual).
By tomorrow some hackers will have defeated it using a technique where by repeatedly dialing 911 and hanging up, then eject the sim while sending a TXT before visiting a carefully crafted web page with a self signed certificate while standing on your head in an even number zip code between 12:00 midnight and 12:01 am, only on Fridays, but it has to be a leap year.
Quote:
Originally Posted by mstone
By tomorrow some hackers will have defeated it using a technique where by repeatedly dialing 911 and hanging up, then eject the sim while sending a TXT before visiting a carefully crafted web page with a self signed certificate while standing on your head in an even number zip code between 12:00 midnight and 12:01 am, only on Fridays, but it has to be a leap year.
What's up with that iOS lock screen anyway? In OS X the loginwindow process is the first to launch and all your processes are children of that. Logical and clean. What the heck are they doing in iOS that is making it so hackable?
Quote:
Originally Posted by ascii
What's up with that iOS lock screen anyway? In OS X the loginwindow process is the first to launch and all your processes are children of that. Logical and clean. What the heck are they doing in iOS that is making it so hackable?
They want you be able to use Siri for limited access to contacts and phone while the screen is locked. Also music volume, camera, remote wipe, find my phone, etc so it need some functionality even when locked. Once they have decided which features are locked and which are not, then they have to think of all the possible exploits of that semi-secure environment. Turns out those logical engineers didn't think of all the crazy ways to do it. Now that they hired Kristen Paget perhaps she will get it straightened out.
Apple iTunes / App Store has been one of the largest centers of credit card fraud activity on Earth. So, this is probably a good thing. Source: stuff I know and people I know in the CC industry. Including fraud executives
Originally Posted by PhilBoogie
[post]
Because of the ID bug.