Apple's iMessage, FaceTime now protected by two-step verification

Posted:
in General Discussion edited February 2015
Apple continues to expand the range of offerings covered by its two-step verification scheme, with security-conscious users now able to count iMessage and FaceTime among those features protected by the service.

Apple ID


Beginning today, those who have opted in to the two-step verification program will be asked to provide a one-time security code the next time they configure iMessage or FaceTime on a device. The change was first noted by The Guardian.

Existing two-step verification users who are already signed into FaceTime or iMessage on their devices do not need to take any additional steps. Two-step verification is automatically enabled, and will be triggered if users log out and log back in or sign in to their Apple ID on another device.

Apple introduced two-step verification as an opt-in feature in 2013. After enrolling and nominating at least one SMS-capable phone number, users will be asked to enter a one-time passcode whenever they attempt to sign in with their Apple ID on a new device.

Apple expanded two-step verification to iCloud.com last year, and has made it available in 59 countries as of Feb. 5.

Comments

  • Reply 1 of 16

    This is a garbled mess.

     

    If you click on View Account Details in FaceTime or iMessage on the Mac, your usual password won't work. You have to sign out and back in again. Then you have to set up 2-step verification. Even though I already had 2-step verification on my Mac and iOS devices, I had to do it again. Firstly, it gave me a four digit code for the verification. So far, so good. Then, it then gave me a new password for my account, but only for those two apps! What? And it was a computer-generated one that I’ll never remember, though it’s stored in Keychain under an obscure name.

     

    Bizarre, unwieldy and very un-Apple.

     

    Oh, I forgot! Apple doesn't do 'It just works' these days. Got it.

  • Reply 2 of 16
    Quote:
    Originally Posted by Benjamin Frost View Post

    Oh, I forgot! Apple doesn't do 'It just works' these days. Got it.


     

    I 2nd that feeling! Yosemite Continuity is a total mess as well! WAY too many configuration settings that must be exactly correct

  • Reply 3 of 16
    calicali Posts: 3,495member
    Apple should just license TouchID to these poor developers.
  • Reply 4 of 16
    [QUOTE name="cali" url="/t/184778/apples-imessage-facetime-now-protected-by-two-step-verification#post_2675316"]
    Apple should just license TouchID to these poor developers.[/QUOTE]

    Precisely.

    I think the whole security setup that Apple uses needs to be overhauled. It’s far too complicated. One password and Touch ID should be all that I need to use for everything; every app, every payment.

    Merging IDs would be nice, too, though maybe I'm being hasty; it’s only been 14 years or so since people have been requesting this. Bookmark this post, and in 560,000 trillion years, remind Apple to consider merging IDs; maybe they'll have the resources and capability by then.
  • Reply 5 of 16
    kkerstkkerst Posts: 330member

    When I am asked for two step verification on one of my other devices, one device listed is the one I'm using to verify. So, it seems kind of pointless if I can verify on the same device. I thought the point was to use another physical device. 

  • Reply 6 of 16
    slurpyslurpy Posts: 5,115member
    Quote:
    Originally Posted by Benjamin Frost View Post





    Precisely.



    I think the whole security setup that Apple uses needs to be overhauled. It’s far too complicated. One password and Touch ID should be all that I need to use for everything; every app, every payment.



    Merging IDs would be nice, too, though maybe I'm being hasty; it’s only been 14 years or so since people have been requesting this. Bookmark this post, and in 560,000 trillion years, remind Apple to consider merging IDs; maybe they'll have the resources and capability by then.

     

    2 Step verification is fucking optional. But really, what does it tell you when people buy, use, and enjoy hundreds upon hundreds of millions of iOS devices, yet you find it "too complicated"? Think about that for a second. There is absolutely nothing complicated about Apple's setup- any rational person that has analyzed it would understand that it's the minimum they could do, keeping in mind all the variety of use case scenarios where security can be compromised. Also, not all iOS devices (and no OSX devices) have Touch ID, which is where 2 step verification is valuable, but I wouldn't expect you to have factored in that tiny little fact when making your knee jerk attacks. 

     

    I look forward to the day when you manage to make a single post that isn't dripping with nasty mockery and bile when it comes to Apple, or that is at least rooted in some kind of considered fact or thoughtfulness. Actually, who am I kidding. 

  • Reply 7 of 16
    kkerst wrote: »
    When I am asked for two step verification on one of my other devices, one device listed is the one I'm using to verify. So, it seems kind of pointless if I can verify on the same device. I thought the point was to use another physical device. 

    I see your point, and I wonder why they allow that, but at least you have to be logged into the device to see that number. Plus they ask me if I want to authenticate to my iPhone or my phone number which is the same device. I'd think they would know it's the same device and not offer me two choices to one device.
  • Reply 8 of 16
    solipsismy wrote: »
    kkerst wrote: »
    When I am asked for two step verification on one of my other devices, one device listed is the one I'm using to verify. So, it seems kind of pointless if I can verify on the same device. I thought the point was to use another physical device. 

    I see your point, and I wonder why they allow that, but at least you have to be logged into the device to see that number. Plus they ask me if I want to authenticate to my iPhone or my phone number which is the same device. I'd think they would know it's the same device and not offer me two choices to one device.

    I think there may be accounts with more then one iPhone but have only one phone number on record. Anyway, I suspect there are accounts where what you mention makes complete sense. I know that I had used my iTunes account many times from my computer and iPad, but when I finally used my iPhone to purchase from iTunes, I got the verification request and it was super easy to do and only requested that one time.
  • Reply 9 of 16
    nofeernofeer Posts: 2,422member

    so what happens if you lose your iPhone???

    can we  verify from a selection of devices??

     

    ok found it on apple support

     

    apple suggests placing a close persons sms capable device on your list

     

    What if I lose or give away one of my trusted devices?

    If you no longer have access to one of your devices, go to My Apple ID as soon as possible to remove that device from your list of trusted devices. That device can then no longer be used to help verify your identity.

  • Reply 10 of 16
    nofeer wrote: »
    so what happens if you lose your iPhone???
    can we  verify from a selection of devices??

    ok found it on apple support

    apple suggests placing a close persons sms capable device on your list

    <h2 style="color:rgb(51,51,51);margin-bottom:0px;margin-top:1.2em;padding-bottom:0px;">What if I lose or give away one of my trusted devices?</h2>

    <p style="color:rgb(51,51,51);margin-top:1em;">If you no longer have access to one of your devices, go to My Apple ID as soon as possible to remove that device from your list of trusted devices. That device can then no longer be used to help verify your identity.</p>

    Yes, you can. An iPad, for example.
  • Reply 11 of 16
    slurpy wrote: »
    Precisely.


    I think the whole security setup that Apple uses needs to be overhauled. It’s far too complicated. One password and Touch ID should be all that I need to use for everything; every app, every payment.


    Merging IDs would be nice, too, though maybe I'm being hasty; it’s only been 14 years or so since people have been requesting this. Bookmark this post, and in 560,000 trillion years, remind Apple to consider merging IDs; maybe they'll have the resources and capability by then.

    2 Step verification is fucking optional. But really, what does it tell you when people buy, use, and enjoy hundreds upon hundreds of millions of iOS devices, yet you find it "too complicated"? Think about that for a second. There is absolutely nothing complicated about Apple's setup- any rational person that has analyzed it would understand that it's the minimum they could do, keeping in mind all the variety of use case scenarios where security can be compromised. Also, not all iOS devices (and no OSX devices) have Touch ID, which is where 2 step verification is valuable, but I wouldn't expect you to have factored in that tiny little fact when making your knee jerk attacks. 

    I look forward to the day when you manage to make a single post that isn't dripping with nasty mockery and bile when it comes to Apple, or that is at least rooted in some kind of considered fact or thoughtfulness. Actually, who am I kidding. 

    I'm pleased to say that that day has arrived!

    In fact, it arrived a couple of years ago, but maybe you just weren't reading the right posts; I’ll give you the benefit of the doubt. "You're not reading it right," as Steve Jobs might have quipped. ????

    Anyway, back on topic: one wonders whether Apple is unofficially known as Booble in Cupertino by their staff, such has been the torrid state of the software for the past year.

    I am optimistic that this year will see a concerted focus on bug-fixing, which is manna to our ears. Messages is a great app at its core.

    Apple now need to overhaul iBooks, Music, Safari and iPhoto (already in process as Photos) as well as attend to their security kerfuffle.
  • Reply 12 of 16
    Quote:
    Originally Posted by Benjamin Frost View Post

     

    This is a garbled mess.

     

    If you click on View Account Details in FaceTime or iMessage on the Mac, your usual password won't work. You have to sign out and back in again. Then you have to set up 2-step verification. Even though I already had 2-step verification on my Mac and iOS devices, I had to do it again. Firstly, it gave me a four digit code for the verification. So far, so good. Then, it then gave me a new password for my account, but only for those two apps! What? And it was a computer-generated one that I’ll never remember, though it’s stored in Keychain under an obscure name.

     

    Bizarre, unwieldy and very un-Apple.

     

    Oh, I forgot! Apple doesn't do 'It just works' these days. Got it.


    Uh, that's exactly how app-specific passwords are supposed to work.  Normal access from a foreign device requires your account password and a dynamically generated code. Each trusted app is assigned a strong (and therefore deliberately hard to remember) app-specific password so that you don't have to wait for an SMS every time you launch the app. That password is intended to be entered only once.

  • Reply 13 of 16
    Quote: SolipsismY


     Plus they ask me if I want to authenticate to my iPhone or my phone number which is the same device. I'd think they would know it's the same device and not offer me two choices to one device.


     

    I've wondered that, but I think one is pushed to your iPhone as a notification, and the other as an SMS to the number...  I'm sure I've used this option before during times when I didn't have mobile data available.

  • Reply 14 of 16
    Two step authentication is great but why does one have to be SMS? I don't have any phone with SMS turned on. That feature costs money and except for authentication I have no use for it. I think text messages are just a scam dreamt up by the phone companies preying on foolish people who don't know they could be sent more efficiently via the internet.
  • Reply 15 of 16
    SMS and devices are listed separate because they are two different things. If you lose your device you could have your number moved to an old phone. The old phone could receive an SMS to allow you access to your account so you can delete the lost device from your trusted devices. Or it could be the opposite. If you switch your unlocked iPhone from one carrier to another and get a new number the device could still be used to allow you to access your account and remove your old number from your trusted numbers. It's a great feature really, two totally different types of tokens.
  • Reply 16 of 16
    kkerst wrote: »
    When I am asked for two step verification on one of my other devices, one device listed is the one I'm using to verify. So, it seems kind of pointless if I can verify on the same device. I thought the point was to use another physical device. 

    The system is not trying to prevent you from using your own account services on your own device. It's trying to stop me from logging into your account on my device, which it certainly does.
Sign In or Register to comment.