Set up extra Apple ID protection
Keep tabs on access to your Apple ID and related services with Alan Stonebridge.
Two-factor authentication (2FA for short) is a protective measure designed to ensure your Apple ID can only be accessed with your explicit approval. With the feature enabled, you’ll need more than just your email address and password to sign in to apps and services using your Apple ID.
In addition to those credentials, you’ll need to have a trusted device to hand in order to receive a verification code, which is used to confirm that the sign-in request came from you. If whoever is signing in doesn’t have one of your trusted devices to hand — and unlocked — they’ll be unable to read the code and pretend they are you.
2FA requires that you register at least one trusted phone number to receive verification codes, which can be given as a text message or in an automated phone call. You might also add a number belonging to your partner or a close family member; as long as that person doesn’t also know your password, they’ll be unable to access your account.
If you haven’t got access to any of your trusted devices, you can enter your Apple ID’s email address and password to sign in on a temporary or replacement device, then ask your trusted friend to provide you with the code they receive on their phone number when you attempt to sign in.
The downside of needing one of your trusted devices, or being able to reach a trusted contact, is a small price to pay for the reassurance that even if a potential intruder knows your Apple ID’s password, they can’t access your account — and that you’ll be informed about any attempt to break in.
Additionally, 2FA simplifies access to some iCloud features — notably iCloud Keychain, which will no longer require you to set and remember a separate security code to verify attempts to use your keychain; instead, you’ll be alerted to the attempt on your trusted devices, from which you can simply choose to allow or prevent access.
After you connect a Mac or iOS device to your iCloud account and verify your identity using 2FA, Apple treats that device as one that’s trusted, and in future, it’ll receive alerts and verification codes.
In order for 2FA to be effective, ensure that your devices use a strong password and that nobody else knows it; enable other simple security measures, such as automatically locking after a short time; and keep your Apple ID’s list of trusted phone numbers up to date at appleid.apple.com.