Apple Expanding Two-Step Verification to iCloud.com

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jun 30, 2014.

  1. MacRumors
    Expand Collapse
    macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Apple appears to be testing its two-factor authentication system on some iCloud.com accounts, asking for a verification code before allowing users with two-factor verification enabled to access various iCloud.com apps.

    First noticed by AppleInsider, the two-factor verification system for iCloud.com requires users to enter a verification code sent via SMS or to a trusted iOS device before the iCloud.com versions of Mail, Contacts, Calendar, Reminders, Pages, Numbers, and Keynote can be used.

    [​IMG]
    Previously, accessing these apps only required an Apple ID password, but now "Find My iPhone" is the only app that remains accessible without a two-factor verification code. Computers used to access iCloud.com have a "Remember This Browser" option, requiring a verification code to be entered only once.

    Originally implemented back in March of 2013, two-factor verification is an opt-in system designed to increase Apple ID account security by requiring identity verification before allowing users to make account changes or purchase content on new devices. It replaces standard security questions with a security code delivered to a trusted device.

    At this time, it is unknown if Apple is simply testing the feature with some users or working on a wider rollout for all iCloud.com users with two-factor verification enabled.

    Update 3:30 PM PT: Apple appears to have disabled two-factor verification for some iCloud.com accounts that previously had access to the feature, suggesting it may have seen an accidental early launch.

    Article Link: Apple Expanding Two-Step Verification to iCloud.com
     
  2. TouchMint.com
    Expand Collapse
    macrumors 65816

    TouchMint.com

    Joined:
    May 25, 2012
    Location:
    Phoenix
    #2
    I can hardly remember my password let alone the secert question haha.
     
  3. SMIDG3T
    Expand Collapse
    macrumors 68030

    SMIDG3T

    Joined:
    Apr 29, 2012
    Location:
    England
    #3
    This is good, it's needed to view/edit your Apple ID so why not to access iCloud?

    Another layer of security is great.
     
  4. madsci954
    Expand Collapse
    macrumors 68030

    Joined:
    Oct 14, 2011
    Location:
    Ohio
    #4
    Tested on live account and it shows up for me.
     
  5. SandboxGeneral
    Expand Collapse
    Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Virgo Supercluster
    #5
    This is a step :p in the right direction. I've implemented the two-step on my Apple ID and think it would be welcome on iCloud as well.
     
  6. borneo76
    Expand Collapse
    macrumors member

    Joined:
    Sep 19, 2012
    Location:
    Indonesia
    #6
    i just frequently use Find My iPhone app only, that's all what i need :). But this is good to make more secure
     
  7. shokk
    Expand Collapse
    macrumors newbie

    Joined:
    Aug 8, 2008
    #7
    I can confirm this was requested on my account when I logged into iCloud. It's only a 4-digit PIN, but better than nothing.
     
  8. rorschach
    Expand Collapse
    macrumors 68000

    rorschach

    Joined:
    Jul 27, 2003
  9. OreoMuncher
    Expand Collapse
    macrumors newbie

    Joined:
    Nov 13, 2013
    #9
    All well and good but...

    How on earth am i going to use this is school. Our school uses a cart of windows laptops and we have separate computer rooms. And obviously since I'm in school i can't use my phone... What am i going to do? Will there be an option to turn this off? I physically can't use word or powerpoint in school any more, it's too much of a headache, i really need access to iCloud. Oh god.
     
  10. anyjungleinguy
    Expand Collapse
    macrumors regular

    Joined:
    Mar 6, 2012
    #10
    Am I interpreting this correctly?

    Even with 2 factor authentication, an attacker only needs a user's password to log into iCloud.com and then precede to wipe devices from Find My iPhone?
     
  11. appleguy123
    Expand Collapse
    macrumors 603

    appleguy123

    Joined:
    Apr 1, 2009
    Location:
    15 minutes in the future
    #11
    I hope it's optional. I often use icloud to email things to myself to print at my college. Not interested in have to do this every time I need to print something.
     
  12. Oletros
    Expand Collapse
    macrumors 603

    Oletros

    Joined:
    Jul 27, 2009
    Location:
    Premià de Mar
    #12
    Please, Apple, use an standard system like TOTP used by almost all the other companies
     
  13. Primejimbo
    Expand Collapse
    macrumors 68040

    Joined:
    Aug 10, 2008
    Location:
    Around
    #13
    then check "remember this browser". I just tried it and it took an extra few seconds.
     
  14. coolfactor
    Expand Collapse
    macrumors 68020

    Joined:
    Jul 29, 2002
    Location:
    Vancouver, BC CANADA
    #14
    Why not employ a service like Dropbox? Just as easy to log into that as to log into iCloud.
     
  15. CrazyForApple
    Expand Collapse
    macrumors 6502a

    CrazyForApple

    Joined:
    Dec 31, 2012
    Location:
    Buffalo, NY
  16. SMIDG3T
    Expand Collapse
    macrumors 68030

    SMIDG3T

    Joined:
    Apr 29, 2012
    Location:
    England
    #16
    "Computers used to access iCloud.com have a "Remember This Browser" option, requiring a verification code to be entered only once."

    Surely this means you can login at home, tick the box and you won't be asked for a code again so you can continue using iCloud at school?
     
  17. rdlink
    Expand Collapse
    macrumors 68030

    Joined:
    Nov 10, 2007
    #17
    I think the OP's point is that their school uses a series of computers on carts, and they won't necessarily have access to the same computer every time. Also, many schools like this clear browser history automatically on logout.
     
  18. appleguy123
    Expand Collapse
    macrumors 603

    appleguy123

    Joined:
    Apr 1, 2009
    Location:
    15 minutes in the future
    #18
    Because the college's library has several computers and it's not guaranteed that I'll get the same one every time?

    Plus, I think they're restored to defaults every night.
     
  19. whsbuss
    Expand Collapse
    macrumors 68020

    whsbuss

    Joined:
    May 4, 2010
    Location:
    SE Penna.
    #19
    WOW - I suggested this to Apple feedback when the phones down under got hacked last month. Its what'e required in this hacker world we live in.

    Good job Apple!
     
  20. Radio
    Expand Collapse
    macrumors 68000

    Joined:
    Mar 5, 2012
    Location:
    Central California
  21. bushido
    Expand Collapse
    macrumors 604

    bushido

    Joined:
    Mar 26, 2008
    Location:
    Germany
    #21
    lol my family will never understand this .... they already dont get those security questions. my sister for example is always like "huh??? how does it know what my favorite book is????" and my aunt is like "what is an apple id? ... after putting in her gmail account info for like 5 times and getting her apple id blocked" :rolleyes:
     
  22. bathurstguy, Jun 30, 2014
    Last edited: Jun 30, 2014

    bathurstguy
    Expand Collapse
    macrumors newbie

    Joined:
    Jan 30, 2009
    #22
    It makes sense not to require second factor authentication for FMiP. If you have lost your iPhone, then how are you going to retrieve the code sent to your iPhone... You really need to think before posting!

    Also, worst case if your device is erased, you simply restore from iCloud Backup and change your password. It really isn't that bad TBH.
     
  23. firedept
    Expand Collapse
    macrumors demi-god

    firedept

    Joined:
    Jul 8, 2011
    Location:
    Somewhere!
    #23
    This is a good thing. In this day and age, the more security the better. I won't be surprised though by how many people will not use it unless they have no option out of it.
     
  24. riskerin
    Expand Collapse
    macrumors newbie

    Joined:
    Jun 24, 2013
    #24
    issue forseen?

    What does one do, however, if you are logging onto another computer to iCloud, so you can use Find my iPhone to locate that trusted IOS device they would normally send the verification code to?
     
  25. CFreymarc
    Expand Collapse
    macrumors 68040

    Joined:
    Sep 4, 2009
    #25
    Forbidding access to cell phones in the class room is an obsolete policy trying to defend a nearly obsolete educational system over a century old propped up by teachers unions. There is a middle ground to make this work but the teach has to know they are no longer the sole provider of information in the classroom anymore. That went away with a broadband connection into the schools.
     

Share This Page