How to protect your Apple ID, iCloud, iMessage and more by enabling two-step verification

Posted:
in iCloud edited February 2015
Two-step verification adds an additional layer of protection to your Apple ID login by requiring users to enter their password plus a second, temporary number sent to a trusted device.




Apple has recently expanded which services are protected by its two-step verification service, which now includes your iCloud account, iTunes Store purchases, FaceTime and iMessage.

Should you have two Apple IDs, such as one for iTunes Store purchases and another for iCloud, you'll need to enable two-step verification on both accounts separately. In order to begin the process, your Apple ID password must also meet the requirements of eight characters with at least one number and one capital letter.

If you change your Apple ID password to meet these requirements, there will be a short waiting period to begin the process of enabling two-step verification.

To get started, visit the website: appleid.apple.com and Sign In.




On the next screen, select Password and Security in the left sidebar.




Before proceeding you'll need to answer two of your security questions. Click Continue once you've answered.




On the next screen you'll see options to change your password and security questions. To enable, click the Get Started link in the Two-step verification section.




Next you will see a brief description of the sign-in process once two-step verification is enabled. Click Continue to proceed.




A further description of the benefits will appear on the next screen. As we'll describe later, it's very important to save your Recovery Key in a safe place. Physically writing it down on paper and placing it in a safe is advisable. Click Continue.




Next will be a list of warnings and cautionary instructions. If by chance you lose all trusted devices and your Recovery Key, Apple will not be able to help you regain access to the account. App-specific passwords will also be required for third-party apps using iCloud such as Fantastical on OS X and other mail, contacts or calendar apps. Click Continue.




Step one to enabling two-step verification will be selecting your trusted devices that will receive the automatic, temporary codes when you login with your Apple ID. If no devices are displayed here, you must enter a valid phone number that can receive SMS text messages.




Click Add a phone number..., enter the phone number you would like to use and click Continue. Apple will send that phone number a four digit Verification Code via text message. Once received, enter the code into the new window and click Verify.




Once your number is successfully verified, you'll see a green Verified note and check mark next to that number. Click Continue.




Step 2 will give you the important Recovery Key. Physically print this key or write it down and store it in a safe place. Users may add this information to 1Password or other app, but we still advise keeping a physical record. Click Continue.




You will then be required to enter your Recovery Key to ensure you have copied it correctly. A green check mark will appear if it is correct. Click Confirm to proceed.




Final instructions and warnings will be displayed on the last page. Check the box I understand the conditions above. and finally, click Enable Two-Step Verification.




The Password and Security section will now display that "Two-step verification is enabled." From now on, any time you attempt to login with your Apple ID a four digit code will be sent to your trusted device for verification.




Any third party apps that were previously logged in with iCloud may now require an app-specific password that can be generated at appleid.apple.com.

Comments

  • Reply 1 of 17
    I protect even with three and four. First I go to Mac to authorize access to my iPhone, but before I do that I go to iPad to authorizer access to my Mac. Well before that I have to go to iPhone to authorize access to my iPad. To add more security I keep my iPad in different state.
  • Reply 2 of 17
    dasanman69dasanman69 Posts: 13,001member
    I protect even with three and four. First I go to Mac to authorize access to my iPhone, but before I do that I go to iPad to authorizer access to my Mac. Well before that I have to go to iPhone to authorize access to my iPad. To add more security I keep my iPad in different state.

    What extra security is there by keeping your iPad across state lines? ;)
  • Reply 3 of 17
    mike1mike1 Posts: 2,741member

    This has got to be the biggest PIA ever. That is why it will never gain mass acceptance.

  • Reply 4 of 17
    I will not enable this for one simple reason. As far as I know, having two-step verification enabled will prevent me from locating my iPhone with Find My iPhone unless I remember my recovery key. In a situation where I loose my phone I think it is critical to be able to log in to Find My iPhone on say a friends phone as soon as possible. For this reason I think Find My iPhone should be exempt from two-step verification.
  • Reply 5 of 17



    He wanted to look funny, but he ended looking fool.

  • Reply 6 of 17
    The biggest piece left out is that if someone attempts to guess your password and causes your account to be locked out, you need your recovery key to access it, even if you know your password and have a trusted device. Potentially you will lose access to your account and all your purchases even if you have 2/3 items.
  • Reply 7 of 17
    stephenroblesstephenrobles Posts: 90member, moderator, editor
    Quote:
    Originally Posted by mongobongo View Post



    I will not enable this for one simple reason. As far as I know, having two-step verification enabled will prevent me from locating my iPhone with Find My iPhone unless I remember my recovery key. In a situation where I loose my phone I think it is critical to be able to log in to Find My iPhone on say a friends phone as soon as possible. For this reason I think Find My iPhone should be exempt from two-step verification.



    Actually, Find My iPhone is the one iCloud service you can access via the web without your two-step verification code. Here is a screenshot of what iCloud looks like with two-step enabled after logging in:

     

  • Reply 8 of 17
    How can you use two step verification if you don't have text service on your cell phone? It costs extra and I never use it since I have Skype and a data plan.
  • Reply 9 of 17
    stephenroblesstephenrobles Posts: 90member, moderator, editor
    Quote:

    Originally Posted by GrangerFX View Post



    How can you use two step verification if you don't have text service on your cell phone? It costs extra and I never use it since I have Skype and a data plan.



    You can register an iPhone or iPad as a trusted device (must be logged into iCloud on device with the same Apple ID you're trying to enable two-step for), and codes will be sent straight to the iPhone / iPad. Very important to keep the recovery key in that situation though. If your device dies, restoring from iCloud does not make it a trusted device, whereas porting your number to a new phone will still receive the text messages.

  • Reply 10 of 17

    Actually, Find My iPhone is the one iCloud service you can access via the web without your two-step verification code. Here is a screenshot of what iCloud looks like with two-step enabled after logging in:

    <img alt="" class="lightbox-enabled" data-id="55536" data-type="61" src="http://forums.appleinsider.com/content/type/61/id/55536/width/350/height/700/flags/LL" style="; width: 350px; height: 157px">

    Well I'll be damned...

    But iCloud is not accessible through Safari for iOS. Do you know if the Find My iPhone app also works without a verification code or recovery key?
  • Reply 11 of 17
    stephenroblesstephenrobles Posts: 90member, moderator, editor
    Quote:

    Originally Posted by mongobongo View Post





    Well I'll be damned...



    But iCloud is not accessible through Safari for iOS. Do you know if the Find My iPhone app also works without a verification code or recovery key?



    Yes, just tried it. My iPad's Find My iPhone app lets you login without a verification code and see the location of your device, lock it, etc. Most likely this would be the case with any trusted devices registered to your Apple ID.

  • Reply 12 of 17

    Yes, just tried it. My iPad's Find My iPhone app lets you login without a verification code and see the location of your device, lock it, etc. Most likely this would be the case with any trusted devices registered to your Apple ID.

    But my concern was regarding devices that are not trusted. Let's say I'm in a bar and I realize my phone is missing. My friend has an iPhone with the Find My iPhone app. I need to be able to locate my own phone through his device which isn't trusted. The only way to do that would be using the app as its not possible to access iCloud through iPhone web browsers.
  • Reply 13 of 17
    stephenroblesstephenrobles Posts: 90member, moderator, editor
    Quote:

    Originally Posted by mongobongo View Post





    But my concern was regarding devices that are not trusted. Let's say I'm in a bar and I realize my phone is missing. My friend has an iPhone with the Find My iPhone app. I need to be able to locate my own phone through his device which isn't trusted. The only way to do that would be using the app as its not possible to access iCloud through iPhone web browsers.



    Just confirmed, you can login to the "Find My iPhone" app on a friend's device without the 4-digit verification code and find the location of your devices.

  • Reply 14 of 17

    Just confirmed, you can login to the "Find My iPhone" app on a friend's device without the 4-digit verification code and find the location of your devices.

    Awesome. That was the only thing keeping me from enabling two-step verification. Thanks for looking into it!
  • Reply 15 of 17

    I would not be able to do this because my ID is different from my iCloud account. 

  • Reply 16 of 17
    calicali Posts: 3,494member
    Nice android idea!!

    Apple should use that fingerprint thingy for verification.

    "But that's not fair for older device owners!!"
    ...that's the point.

    As a matter of fact, ALL logins should require TouchID. It's faster than typing a password and safer than autofill.
  • Reply 17 of 17

    I think it would be great if Apple could drastically simplify this whole security setup. It’s way too much for most people. 

     

    Just Touch ID and a password.

Sign In or Register to comment.