How to enable Apple's secure two-step verification for your iCloud & iTunes accounts



  • Reply 61 of 68
    knowitallknowitall Posts: 1,648member
    maestro64 wrote: »
    This is why, you come up with some random word or phrase to use with all the questions. Now the answer has nothing to do with the question being asked and someone can not use social engineering or other investigative type of information gathering to hack into your accounts.

    That doesn't work for the general public and might not work in your case either because what you think of is seldom random.
    It also goes against the idea of enhanced security by multiple questions and answers and the easy way to remember it.

    It is better to introduce one fallback password provided by Apple and remove the security questions altogether.
  • Reply 62 of 68
    funny, on my wife's computer, I could not find her original recovery key%u2026 you do have the option to regenerate a new one. However, you get to a page that asks you to confirm that you have the new one by entering it. When you do and you click "Activate", you get an ERROR page! So, is the new one active or not? How the hell will I know this????
  • Reply 63 of 68

    Apple's 2-factor authentication does not work well if you have more than one Apple ID, which most people who had an existing iTunes and MobileMe/Mac account do.  It will work for SMS notifications, but only the main iCloud "Find My xxxx" can be enabled on a device, that means it's not possible to use 2 different Apple IDs for "Find My xxxx", meaning that won't work for more than on Apple ID.   

    Apple's "solution" to this is to have you use friends/relatives to send SMS codes to in case you lose your phone.  That's a less than ideal solution.

    If you get locked out of your Apple ID currently, you can't change your password or make iTunes/App Store purchases on new devices.  

    You won't be able to access your account information on any device because Apple has no concept of "trusted devices".  Basically if you lose 2 of the 3 pieces of info (password, device capable of receiving code and recovery key), you are screwed since you won't be able to change your password or set up new devices.  Existing signed-in devices will continue to work until you sign out or are forced to do a restore.

  • Reply 64 of 68

    Originally Posted by Bluestone View Post

    Why do people think that your answer to a security question has to have anything to do with the question?

    Q: "Where do you want to live when you retire?"

    A: "In the same grave as Dracula." or

    A: "Secretariat was the best horse to ever win the Triple Crown." or

    A: "Anything."

    Just be sure to write the answer down to remember it.



    I haven't been answering security questions with accurate, truthful information for years. I use random nonsense answers which I store in 1Password. That being said the idea of security questions is stupid. If you answer them truthfully they are worthless and if you answer with made up stuff, like I do, it becomes a problem managing them defeating their purpose.


    Any company using security questions is in engaged in "security theater". They want to look like they are doing something in regards to security but they really aren't



  • Reply 65 of 68
    Apple Should ENFORECE 2-step authentication anytime there is a login via a web browser. This is how gmail works. This would protect all forms of access via a browser.

    Currently, the "partial" 2-step verification only protects you from someone trying to change your AppleID account info/setup.

    Please get on the ball Apple!
  • Reply 66 of 68
    Why doesnt this work when I log on to from my PC. There is NO auth code sent to my phone to complete the 2 step auth process.
  • Reply 67 of 68

    I have setup 2 step auth - yet when I log on to I am not prompted for an auth code. Whats up?

  • Reply 68 of 68

    Maybe I'm doing something wrong.  My trusted device is my iPhone, so if I log into iCloud or manage my Apple ID on my Mac, I get the verification code SMSed to my iPhone number.


    Here's the thing.  If I go log into using Safari on my iPhone, then it will send the verification code to the iPhone!  So two step authentication on the iPhone is moot!  Useless! Similar problem with iCloud.

Sign In or Register to comment.