Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Increases Account Security With Optional Two-Step Verification System for Apple IDs
- Thread starter MacRumors
- Start date
- Sort by reaction score
The way the security questions are structure are limited in only a few choices. By having 4-digit code enhances it quite a bit.
Great, if you don't have an iPhone or and iPad you can't have two step verification
SMS is available as well.
...
Apple should allow automated call back (like Google does) as an "option" where SMS is not working, since SMS is unreliable. Its happened to us all, and when it does, call back service with automated voice reading verification code always works.
I can't believe the only option other than SMS & "find my iPhone", which not everyone uses..... is the only thing thats there.
I sure don't. I know where my iPhone is, and if i lose it, its my problem.
Apple should allow automated call back (like Google does) as an "option" where SMS is not working, since SMS is unreliable. Its happened to us all, and when it does, call back service with automated voice reading verification code always works.
I can't believe the only option other than SMS & "find my iPhone", which not everyone uses..... is the only thing thats there.
I sure don't. I know where my iPhone is, and if i lose it, its my problem.
No, Apple should allow using time code apps like Google, Dropbox, Facebook or Lastpass do. There is an standard for that
What are some thoughts on receiving the code through Find My Phone vs SMS. Is the SMS through iMessage or the carrier? I have to wait until Monday or else I'd test this myself. Could one method be more secure than the other?
I set this up yesterday. I just logged in on my iPad specifically to purchase an app and it didn't ask me for any additional code, it was a free app, but I still thought it would ask.
I went back to the desktop where I set it up and when logging in on the web it asked for the two-step.
I just wanted to verify the devices so that it wouldn't ask me again for them. That's the thing, right? Only ONCE PER DEVICE?
No other apps that I want to buy so I'll just have to try it again later.
Gary
I went back to the desktop where I set it up and when logging in on the web it asked for the two-step.
I just wanted to verify the devices so that it wouldn't ask me again for them. That's the thing, right? Only ONCE PER DEVICE?
No other apps that I want to buy so I'll just have to try it again later.
Gary
Last edited:
You have two options: an alert via Find My Phone which is like any other FMi activity and works on cellular data or wifi, or a standard SMS message, which would require cellular service (but not data.)
Too bad if you lose or have your "trusted device" stolen. Sorry, but this is horrible system also for that reason.
OTOH, the simpler mandatory "questions" are also stupid. They're too easy to guess and some sites don't let you bypass them so you have to be clever about the answers somehow (e.g. mother's maiden name is so easy for someone to look up with online ID services if they already know your name, etc.; WTF would ANYONE use that or give it an honest answer as the reply?)
Of course, as a whole, passwords are required at so many places that keeping track of them all becomes a problem sooner rather than later and you don't want to use reuse the same passwords everywhere. Some sites require "strong" passwords with random capitalization and symbols, but how the hell are you supposed to remember them? (and you're NOT supposed to write them down...EVER).
So that leaves you with things like ONE PASSWORD, but they cost money and they require you have your own computer handy (i.e. forget checking e-mail at a cruise ship terminal or whatever) and you pray that the computer in question isn't stolen, etc. or you just lost your passwords once again.
But in my case, my iTunes apple ID (shared with family members), isn't the same as my iCloud ID (with MY calendar / mail / etc.). So I wasn't sure if I should do the findmyiphone authentication with the different ID.
Gary
This thing should use your personal iCloud Apple ID (which is free and doesn't have any purchases associated with it, just your mail, calendar, Find my iPhone, etc.). You can keep sharing the iTunes Store Apple ID (the one associated with all your App and iTunes purchases).
Can't you understand what he means???
Go to www.icloud.com right now. Enter your credentials. Hit RETURN. Wait, how come you were NOT asked for a 4-digit verification code??? DUH!
Tw-Step with "Find My Mac" Service?
Ok, so I know the two-step verifaction works with iOS devices via "Find My iPhone". But I don't see an option to push a verification code to my Mac...does this option exist?
If not, it sure seems like a glaring omission to only include mobile devices, especially when the "Find My Mac" infrastructure exists for Macs...
Ok, so I know the two-step verifaction works with iOS devices via "Find My iPhone". But I don't see an option to push a verification code to my Mac...does this option exist?
If not, it sure seems like a glaring omission to only include mobile devices, especially when the "Find My Mac" infrastructure exists for Macs...
That has nothing with what was said. The comment was that iCloud IDs and Apple IDs are two different things. They aren't. Any ID used with any Apple service, including iCloud, is an Apple ID.
The reason you aren't getting anything about a 4 digit code when you log in on the website is that they didn't include computers.
No, the reason you aren't getting a code is because it only includes making changes to the AppleID or making purchases. Sadly, it doesn't cover logging into iCloud at all; no two-factor auth there.
Every year Xbox Live required you to update and verify with a second email. Plus online Xbox when you input a code or look at your account Mircrosoft sends you a email with a code. My issue is trying to remember all my passwords and log ins for so many things. Wonders if there is a universal logger to keep track? I am using Bento atm but still how is one suppose to remember a few hundred different passwords?
I want to see how it works with my iTunes money account before messing with my iCloud account. If it's a hassle and I can't buy an app or in-app purchase it's not a crisis.
If I need my calendar / address book and it's a hassle, that's another issue. (If I've left my phone and don't have MY computer and need to login to check my calendar but can't get into the cloud since I need a code texted to me, that could be a problem.)
Gary
From what I understand, you will need to authorize your devices as "trusted devices" one time, and it's related to making purchases only. So all the calendar stuff should keep working as is.
Yea, I was wondering this myself. I was hoping to include my iMac as part of the two step verification process. Oh well. Maybe they'll push this on OSX 10.9 and also include a built-in "Find My Device" app too.
But the thing is I have two Apple IDs:
1) iTunes and Apps. (which are used on the other family iDevices)
2) iCloud. (which is my personal info and the findmyiphone)
Let's call them IDcloud and IDapps.
A) If I do the two-step for the IDapps, I'm not sure if I should authenticate the FindMyiPhone app with IDapps, normally I'd use IDcloud for that. Or am I just logging into the FindMyiPhone app with that ID, just as I would log in with a friend's ID if they lost their iPhone?
B) So you if you are using different IDs like me, you can't set up two step authentication for your iCloud data (like calendar, contacts, mail, etc.)?
Gary
Hopefully with some advanced, but more accessible functions of "Back to My Mac" for iOS
Correct. They have a password, but when they access their iDevices, they just swipe and they're in.