How To Turn On Apple’s Two-Step Authentication

You’ve heard the stories about iCloud accounts getting hacked; the ones that make the news are celebrities’ accounts, but there may be people wanting to get into yours too. Along with your Apple ID (the email address you use to identify your account), your password is the key that lets you into that account.

But anyone can pretend to be you and attempt to get into your account by saying they’ve forgotten the password, and then trying to answer the security questions that you chose when setting up the Apple ID. If they get through them, because they know the name of your first pet, your favorite sports team, and whatever else, they can access your account, unless you add an additional layer of security.

Read the article on the Intego Mac Security blog.

4 thoughts on “How To Turn On Apple’s Two-Step Authentication”

  1. Kirk has documented some of the problems with Apple’s two-step authentication, including account owners who are locked out of their accounts by Apple, after someone tries to get in without the proper information, and other owners whom Apple has not allowed back into their accounts, even when they have a trusted device and other information. At the moment, I prefer using strong passwords, via a password manager, and avoiding the two-step system.

    The security questions seem like a weak link, but there is no reason to give simple, guessable or findable answers. In all the systems that I have used, it is possible to enter a strong password from my password manager as an answer to a security question. If I enter a randomly generated password like “P4oHxpT3GSJ.ujr” as the name of my pet, high school, or favorite teacher, then this is not a source of guessable vulnerability. Of course, I use a unique password for each security question, and I don’t duplicate them between sites. (And I know that password manager passwords are not truly random, but they are random enough for security guess-proofing purposes.)

  2. Given my brother in law’s recent experience with resetting his Apple ID, in which his most recent security code did not grant him access to the account, but an older and theoretically out of date generated security code (which by some miracle he had saved) did grant him access…. I’m on the brink of deciding that the pain and risk of 2FA far outweigh whatever benefits accrue to it.
