Apple to remove Recovery Key from iOS 9, OS X 10.11 two-factor authentication process
Apple on Wednesday confirmed that the removal of a pesky Recovery Key security mechanism will be one of the changes coming to its two-factor authentication solution when iOS 9 and OS X 10.11 El Capitan are released this fall.

Currently, the Recovery Key system in Apple's "two-step" protocol works as a failsafe for accessing an Apple ID when a registered trusted device or phone number is unavailable. Under the existing setup, losing both a trusted device and the Recovery Key renders the account inaccessible, which has in the past forced some users to abandon their Apple IDs altogether.
With higher level integration in iOS 9 and El Capitan, Apple's new method, now referred to as "two-factor," does away with 14-character Recovery Keys, to be replaced by a live customer support recovery process, an Apple spokesperson confirmed to MacWorld. The feature removal is just one modification Apple plans to apply when two-factor authentication rolls out later this year.
Other security enhancements were revealed in a support document published today, including longer six-digit verification codes and more intuitive authentication alerts that work across iOS and OS X platforms. For example, when users sign in to their Apple ID on a new device -- or browser in the case of iCloud -- with a password, a verification code is automatically pushed to all trusted devices. Text message and phone call verifications to trusted numbers will also remain available.
Because the system is built into iOS 9 and El Capitan, devices running older iOS and OS X versions will not display the new six-digit verification codes. Once a user enables the new two-factor protocol, attempting to access an Apple ID using an iOS 8 device, for example, will send the six-digit code only to compatible devices. In lieu of a dedicated code entry mechanism, users might be prompted to log in again and append the six-digit number to the end of their password.
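The "append the code to the end of your password" fallback for legacy clients means the server receives a single string carrying both factors. The following is an added example of how a service could handle that defensively; it is not Apple's code and does not describe Apple's implementation. It assumes a stored salted password hash, a pending one-time code that was already pushed to the user's trusted devices, and a constructed account record. The server splits off the trailing six ASCII digits, verifies both factors before deciding (so a wrong password and a wrong code take the same path), compares in constant time, and consumes the code so it cannot be replayed.

```python
"""Server-side handling of a legacy-client login where the six-digit
verification code is appended to the password (added example, not Apple's code)."""
import hashlib
import hmac
import secrets

CODE_LEN = 6  # the page describes six-digit verification codes


def _hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 stands in for whatever password hash the real service uses.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_account(password: str, pushed_code: str) -> dict:
    """Constructed account record: salted password hash plus the one-time
    code that was pushed to the user's trusted devices (hypothetical schema)."""
    salt = secrets.token_bytes(16)
    return {
        "salt": salt,
        "pw_hash": _hash_password(password, salt),
        "pending_code": pushed_code,
        "code_used": False,
    }


def split_legacy_credential(combined: str):
    """Split 'password + six-digit code' as typed on a device with no code field.

    Returns (password, code), or None if the string is too short or the
    trailing six characters are not ASCII digits. Taking exactly the last six
    characters keeps a password that itself ends in digits unambiguous."""
    if len(combined) <= CODE_LEN:
        return None
    password, code = combined[:-CODE_LEN], combined[-CODE_LEN:]
    if not (code.isascii() and code.isdigit()):
        return None
    return password, code


def verify_legacy_login(account: dict, combined: str) -> bool:
    """Verify both factors from the concatenated credential.

    Both checks run before any decision so the response does not reveal which
    factor failed; the pending code is single-use and consumed on success."""
    parts = split_legacy_credential(combined)
    if parts is None:
        return False
    password, code = parts
    pw_ok = hmac.compare_digest(
        _hash_password(password, account["salt"]), account["pw_hash"]
    )
    code_ok = (not account["code_used"]) and hmac.compare_digest(
        code.encode(), account["pending_code"].encode()
    )
    if pw_ok and code_ok:
        account["code_used"] = True
        return True
    return False


if __name__ == "__main__":
    acct = make_account("correct horse", "482913")  # constructed sample values
    print(verify_legacy_login(acct, "correct horse482913"))  # True
    print(verify_legacy_login(acct, "correct horse482913"))  # False: code already consumed
```

The important defensive detail is that the service must treat the trailing digits as a separate, single-use factor rather than as part of the password: a legacy client that stores or autofills the combined string would otherwise hand an attacker a stale code along with the password, and the replay check above is what makes that harmless.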
The new opt-in two-factor protocol is currently rolling out to a limited number of beta testers and will gradually become available to more users as Apple builds up backend support.

Comments
Look forward to the social engineering attacks used against the customer service reps to get around the two-factor authentication going forward.
Reading the support document, I suspect the method to prevent that is time. During the "several days", they'll probably send out account warnings and look for activity. For example, if you need to recover because your trusted phone is lost, and they see the phone connect to their servers as normal, then they know they're being tricked.
Especially smoothing the interaction of security between devices.
One thing to note if you haven't experienced it yet. The tie-in of security and Apple ID means: if for some reason you need to change your Apple ID (not a new account, but change your existing account) and you have a bunch of devices, then get ready for an evening of IT over a few beverages of your choice.
You have to disable all iCloud stuff and sign out of everything on everything so that none of your devices are related to your Apple ID anymore in any way. Then you change via browser. Then you have to go through and reconnect and activate everything. If you don't you end up locked out of your own devices or with broken services.
I REALLY hope in these new OS releases they have streamlined this. I did it in the correct manner a couple of months ago now, and while it did "just work", the process to achieve it wasn't "it just works"; rather it was more "it's just for nerds".
Oh well.
Darn. I've used my recovery key so often that I had recently memorized it.
Oh well.
How does this happen? You're misplacing your trusted devices for large swaths of time?
Talking of "misplaced trusted devices", I've had a bad surprise with Blizzard. I had an authenticator thing installed on my previous iPhone, and when I upgraded I just made the usual "install iPhone as previous iPhone". Well, guess what.... The authenticator doesn't carry over.
So I end up locked out of my Blizzard account, because "trusted device" actually means "physical trusted device".
Apple gives you bad reflexes, expecting things to "just work"
I don't. Now there is a huge, gaping security hole in the system that didn't previously exist: CSRs that have over the years been notorious for being scammed by social engineering and phishing attacks. Even employees at well-known security companies have fallen prey to these attacks, and we are now supposed to trust an underpaid, overworked CSR to fully vet highly-skilled people trying to gain access to people's accounts? Not to mention the potential abuse of this by three-letter agencies with NSLs.
Hopefully the old system will stick around.
I had the same thing happen back with the original iPhone or maybe it was my 3GS to 4, had to send a scan of my drivers license to them to get it unlocked. Took about 3 days total, not hard but def annoying.
It also seems a huge change in security paradigm, because if Customer Support is capable of unlocking access to your encrypted data, it means that it has a copy of your "key" or the "key" is not unique. And so access can technically be granted to third parties.
Exactly. It's a backdoor for TLAs being sold as a feature. No thanks, Apple.
Now without it folks will have to call customer support, sit on hold for who knows how long, then get grilled for half an hour about all sorts of details to prove they are the real account holder and so on.