Pro­tect an iCloud ac­count from hack­ers

En­hance the se­cu­rity of your Ap­ple ID with two-fac­tor au­then­ti­ca­tion. Lewis Pain­ter shows how

iPad&iPhone user - - CONTENTS -

While it seems that celebri­ties get their Ap­ple ID/iCloud ac­counts hacked on a weekly ba­sis, Ap­ple has im­ple­mented mea­sures to pro­tect the masses against these kinds of at­tacks. How­ever, with both two-fac­tor au­then­ti­ca­tion and two-step ver­i­fi­ca­tion avail­able for Ap­ple ID users, there’s a bit of con­fu­sion as to which users should opt for. Here, we ex­plain what two-step ver­i­fi­ca­tion and two-fac­tor au­then­ti­ca­tion of­fers, as well as how to set up each on your Ap­ple ID ac­count.

Two-step ver­i­fi­ca­tion

Two-step ver­i­fi­ca­tion has been of­fered to Ap­ple ID users since 2013, and was the first way that Ap­ple users could pro­tect them­selves from hack­ers ac­cess­ing their con­tent by only know­ing their Ap­ple ID pass­word. Those with two-step ver­i­fi­ca­tion are prompted to ver­ify the ac­count when­ever they sign in with their Ap­ple ID or iCloud ac­count, or when mak­ing a pur­chase from a new iOS de­vice.

There are also other sit­u­a­tions where users will be prompted to ver­ify the lo­gin, and these can be found on the of­fi­cial Ap­ple Sup­port page (­gcs).

But how do you ver­ify your ac­count? Is it just a case of hav­ing to re­mem­ber two pass­words in­stead of one? No – it’s smarter than that. In­stead, there are four dif­fer­ent op­tions you can choose from:

Push no­ti­fi­ca­tion to a trusted iOS de­vice:

ver­ify the lo­gin by al­low­ing it via push no­ti­fi­ca­tion on an­other iOS de­vice.

Text mes­sage or phone call to a reg­is­tered num­ber:

If you have a mo­bile or home phone linked to your Ap­ple ID, Ap­ple can text you a four-digit num­ber to ver­ify the lo­gin. Al­ter­na­tively, Ap­ple can call you and pro­vide you with the code over the phone.

Off­line re­cov­ery key:

You’ll be given a 14-char­ac­ter Re­cov­ery Key to keep safe when you set up two-step ver­i­fi­ca­tion.

It can be used to gain ac­cess if you ever lose ac­cess to your trusted de­vices, or for­get your Ap­ple ID pass­word.

Ap­pli­ca­tion-spe­cific pass­word:

If the app you’re us­ing doesn’t sup­port two-step ver­i­fi­ca­tion, you can gen­er­ate an app-spe­cific pass­word from your Ap­ple ID ac­count page to use when prompted.

While two-step ver­i­fi­ca­tion adds an ex­tra layer of se­cu­rity to your Ap­ple ID, it’s not the rec­om­mended pro­tec­tion for most peo­ple. Ap­ple states on its web­site that two-step ver­i­fi­ca­tion is an old se­cu­rity method that should only be used by those that don’t own Ap­ple de­vices, can’t set up their de­vices or “are oth­er­wise in­el­i­gi­ble for twofac­tor au­then­ti­ca­tion”.

Set up two-step ver­i­fi­ca­tion for Ap­ple ID

It’s in­cred­i­bly easy to set up two-step ver­i­fi­ca­tion on iOS. Go to, sign in to your Ap­ple ID and fol­low the in­struc­tions pro­vided. Re­mem­ber, this method is only ad­vised for those that ei­ther don’t have ac­cess to an Ap­ple de­vice, can’t set up a de­vice or for what­ever rea­son or you can’t ac­cess the more ad­vanced two-fac­tor au­then­ti­ca­tion we dis­cuss be­low.

Two-fac­tor au­then­ti­ca­tion

So, what ex­actly is two-fac­tor au­then­ti­ca­tion, and why is it bet­ter than two-step ver­i­fi­ca­tion? Ap­ple them­selves view two-fac­tor au­then­ti­ca­tion as a step up from the two-step ver­i­fi­ca­tion, and was first re­leased in 2015 along­side iOS 9. The new and

im­proved se­cu­rity method is baked di­rectly into iOS 9 and OS X El Cap­i­tan and later, mean­ing it can’t be used by those with older de­vices.

So, what makes two-fac­tor au­then­ti­ca­tion spe­cial? The meth­ods of au­then­ti­ca­tion dif­fer slightly from two-step ver­i­fi­ca­tion, with users able to opt for the fol­low­ing:

Push no­ti­fi­ca­tion to a trusted de­vice:

Much like with the older method, Ap­ple will push an in­ter­ac­tive no­ti­fi­ca­tion to all trusted Ap­ple de­vices al­low­ing you to quickly ver­ify the lo­gin.

Text mes­sage or phone call to a reg­is­tered num­ber:

Again, this method is iden­ti­cal to that of­fered with Ap­ple’s older two-step ver­i­fi­ca­tion

process. Ap­ple will text or call a ver­i­fied num­ber with a four-digit code to in­put for ver­i­fi­ca­tion.

Off­line code gen­er­ated by trusted de­vice:

This method is spe­cific to two-fac­tor au­then­ti­ca­tion, and en­ables the gen­er­a­tion of codes from a trusted de­vice, even when off­line. Sim­ply head to the Set­tings menu on your trusted de­vice and make a note of the code gen­er­ated.

As well as the three meth­ods above, Ap­ple also of­fers a method of ver­i­fy­ing lo­gins on its de­vices run­ning iOS 8 or OS X Yosemite or ear­lier. When try­ing to log in to your Ap­ple ID or iCloud ac­count on an un­sup­ported de­vice, you’ll need to get a ver­i­fi­ca­tion mode from a trusted de­vice as noted above, and add that to the end of your Ap­ple ID pass­word. For ex­am­ple, if your Ap­ple ID pass­word is Pass­word and the code gen­er­ated by your trusted de­vice is 1234, you’d en­ter Pass­word1234 as your Ap­ple ID pass­word.

Set up two-fac­tor au­then­ti­ca­tion for Ap­ple ID

First off, it’s worth not­ing that un­like with two-step ver­i­fi­ca­tion, you can only sign up for two-fac­tor au­then­ti­ca­tion via a com­pat­i­ble Ap­ple de­vice (iOS 9 or later, or OS X El Cap­i­tan or later). It’s also worth not­ing that you’ll have to dis­able two-step ver­i­fi­ca­tion be­fore set­ting up two-step au­then­ti­ca­tion if you’ve used it in the past.

Open Set­tings > iCloud and se­lect your Ap­ple ID Se­lect Pass­word & Se­cu­rity Tap Turn on Two-Fac­tor Au­then­ti­ca­tion

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.