Apple Secures Users with Two-Factor Authentication

At the heart of Apple’s Mac OS X and iOS operating systems is the Apple ID authentication mechanism. The Apple ID is linked to users’ payment information, iCloud storage, App Store access and Apple support. Until this week, the Apple ID was also a potential security weak spot, protected by only a single password.

Apple is advancing the state of Apple ID protection by introducing a two-step verification process.

“Turning on two-step verification reduces the possibility of someone accessing or making unauthorized changes to your account information at My Apple ID or making purchases using your account,” Apple stated in a support note.

Apple’s two-step verification will require users to enter a time-sensitive verification code in addition to their username/password in order to access the Apple ID services. The verification code is granted by way of a trusted device the user will need to set up to receive a four-digit code from Apple.

The code can be obtained via SMS message on a smartphone or via the “Find My iPhone” notification. “Find My iPhone” can run on Apple iOS, as well as Mac OS X and Windows PCs.

Apple provides an additional layer of fallback by prompting users to print out a one-time 14-digit Recovery Key password to use if they lose their trusted device or access to the “Find My iPhone” notification.

The move to a two-step verification scheme will also put the onus of responsibility for password protection on users, not Apple.

“Apple Support cannot reset your password on your behalf,” Apple stated. “To reset your password, you must have your Recovery Key and access to at least one of your trusted devices.”

Promoting Two-Factor Authentication

Apple is not the first vendor to implement a two-factor authentication scheme for consumer technology. Google has been pushing its two-factor approach for several years. Facebook introduced a two-factor authentication system called “Login Approvals” in 2011. PayPal also offers two-factor authentication for its users.

“I think having two-factor authentication is a great security enhancement,” said Wolfgang Kandek, CTO of security vendor Qualys.

The challenge with two-factor authentication is implementing it in a user-friendly way, Kandek said.

“Apple is going the SMS route, which is easier for users than installing an application on a smartphone,” he said. “Apple is also limiting the situations where the two-factor authentication will be required to managing your account (password resets, etc.), authorizing new devices for iTunes purchases, and in general interacting with Apple Support.”

Kandek added that Apple’s two-step verification is a great step in pushing the security approach into the mainstream.

Apple’s two-step verification will not be available to all Apple users, at least initially. The service is being launched in the U.S., UK, Australia, Ireland and New Zealand, with more countries to come over time.

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the Quinstreet Enterprise Network. Follow him on Twitter @TechJournalist.
