iPad&iPhone user

Protect an iCloud account from hackers

Enhance the security of your Apple ID with two-factor authentica­tion. Lewis Painter shows how

While it seems that celebritie­s get their Apple ID/iCloud accounts hacked on a weekly basis, Apple has implemente­d measures to protect the masses against these kinds of attacks. However, with both two-factor authentica­tion and two-step verificati­on available for Apple ID users, there’s a bit of confusion as to which users should opt for. Here, we explain what two-step verificati­on and two-factor authentica­tion offers, as well as how to set up each on your Apple ID account.

Two-step verificati­on

Two-step verificati­on has been offered to Apple ID users since 2013, and was the first way that Apple users could protect themselves from hackers accessing their content by only knowing their Apple ID password. Those with two-step verificati­on are prompted to verify the account whenever they sign in with their Apple ID or iCloud account, or when making a purchase from a new iOS device.

There are also other situations where users will be prompted to verify the login, and these can be found on the official Apple Support page (tinyurl.com/p88tgcs).

But how do you verify your account? Is it just a case of having to remember two passwords instead of one? No – it’s smarter than that. Instead, there are four different options you can choose from:

Push notificati­on to a trusted iOS device:

verify the login by allowing it via push notificati­on on another iOS device.

Text message or phone call to a registered number:

If you have a mobile or home phone linked to your Apple ID, Apple can text you a four-digit number to verify the login. Alternativ­ely, Apple can call you and provide you with the code over the phone.

Offline recovery key:

You’ll be given a 14-character Recovery Key to keep safe when you set up two-step verificati­on.

It can be used to gain access if you ever lose access to your trusted devices, or forget your Apple ID password.

Applicatio­n-specific password:

If the app you’re using doesn’t support two-step verificati­on, you can generate an app-specific password from your Apple ID account page to use when prompted.

While two-step verificati­on adds an extra layer of security to your Apple ID, it’s not the recommende­d protection for most people. Apple states on its website that two-step verificati­on is an old security method that should only be used by those that don’t own Apple devices, can’t set up their devices or “are otherwise ineligible for twofactor authentica­tion”.

Set up two-step verificati­on for Apple ID

It’s incredibly easy to set up two-step verificati­on on iOS. Go to tinyurl.com/hc5o9dr, sign in to your Apple ID and follow the instructio­ns provided. Remember, this method is only advised for those that either don’t have access to an Apple device, can’t set up a device or for whatever reason or you can’t access the more advanced two-factor authentica­tion we discuss below.

Two-factor authentica­tion

So, what exactly is two-factor authentica­tion, and why is it better than two-step verificati­on? Apple themselves view two-factor authentica­tion as a step up from the two-step verificati­on, and was first released in 2015 alongside iOS 9. The new and

improved security method is baked directly into iOS 9 and OS X El Capitan and later, meaning it can’t be used by those with older devices.

So, what makes two-factor authentica­tion special? The methods of authentica­tion differ slightly from two-step verificati­on, with users able to opt for the following:

Push notificati­on to a trusted device:

Much like with the older method, Apple will push an interactiv­e notificati­on to all trusted Apple devices allowing you to quickly verify the login.

Text message or phone call to a registered number:

Again, this method is identical to that offered with Apple’s older two-step verificati­on

process. Apple will text or call a verified number with a four-digit code to input for verificati­on.

Offline code generated by trusted device:

This method is specific to two-factor authentica­tion, and enables the generation of codes from a trusted device, even when offline. Simply head to the Settings menu on your trusted device and make a note of the code generated.

As well as the three methods above, Apple also offers a method of verifying logins on its devices running iOS 8 or OS X Yosemite or earlier. When trying to log in to your Apple ID or iCloud account on an unsupporte­d device, you’ll need to get a verificati­on mode from a trusted device as noted above, and add that to the end of your Apple ID password. For example, if your Apple ID password is Password and the code generated by your trusted device is 1234, you’d enter Password12­34 as your Apple ID password.

Set up two-factor authentica­tion for Apple ID

First off, it’s worth noting that unlike with two-step verificati­on, you can only sign up for two-factor authentica­tion via a compatible Apple device (iOS 9 or later, or OS X El Capitan or later). It’s also worth noting that you’ll have to disable two-step verificati­on before setting up two-step authentica­tion if you’ve used it in the past.

Open Settings > iCloud and select your Apple ID Select Password & Security Tap Turn on Two-Factor Authentica­tion