Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
57,992
21,004



Apple recently emailed Apple ID users with two-step verification enabled to inform them that, upon installing iOS 11 or macOS High Sierra, they will be automatically updated to its newer two-factor authentication method.

ios_11_two_factor_authentication.jpg

Apple introduced two-factor authentication in 2015 as an improved version of its two-step verification method for securing an Apple ID account with both a password and a secondary form of verification. Two-factor authentication requires an Apple device with iOS 9, OS X El Capitan, watchOS 2, any tvOS version, or later.

The two security methods are similar in many ways, but two-factor authentication automatically sends a six-digit verification code to all trusted devices registered to a given Apple ID, whereas two-step verification manually prompts users to send a four-digit code to any SMS-capable trusted device registered.

Two-factor authentication also displays a map on all trusted devices with an approximate location of where an Apple ID sign-in attempt occurred when a user is trying to access the account from an unknown device or on the web.

macos-sign-in-2fa.jpg

Apple's two-factor authentication method disables the Recovery Key by default, since offline verification codes can be generated on trusted devices in the Settings app. On iOS, users can still enable the Recovery Key as a backup method in Settings > Apple ID > Password & Security > Recovery Key.

The full text of the email is copied below:
If you install the iOS 11 or macOS High Sierra public betas this summer and meet the basic requirements, your Apple ID will be automatically updated to use two-factor authentication. This is our most advanced, easy-to-use account security, and it's required to use some of the latest features of iOS, macOS, and iCloud.

Once updated, you'll get the same extra layer of security you enjoy with two-step verification today, but with an even better user experience. Verification codes will be displayed on your trusted devices automatically whenever you sign in, and you will no longer need to keep a printed recovery key to make sure you can reset a forgotten password.
iOS 11 and macOS High Sierra public betas will be available in late June through the Apple Beta Software Program. The software updates will be available for all eligible iOS devices and Macs in the fall.

Article Link: Apple Migrating iOS 11 and macOS High Sierra Users With Two-Step Verification to Two-Factor Authentication
 
  • Like
Reactions: MOU

splitpea

macrumors 65816
Oct 21, 2009
1,062
331
Among the starlings
So... does that mean that those of us who use our Apple IDs with devices that remain on older OS versions will no longer be able to authenticate on those older devices if we upgrade any of the others?
 
  • Like
Reactions: John.B

Amazing Iceman

macrumors 601
Nov 8, 2008
4,645
2,889
Florida, U.S.A.
So... does that mean that those of us who use our Apple IDs with devices that remain on older OS versions will no longer be able to authenticate on those older devices if we upgrade any of the others?
There's a workaround for older devices. The instructions to authenticate are slightly different. Just pay attention at the prompt and make sure to understand it and then follow the instructions.
 

LordQ

Suspended
Sep 22, 2012
3,582
5,652
So... does that mean that those of us who use our Apple IDs with devices that remain on older OS versions will no longer be able to authenticate on those older devices if we upgrade any of the others?
I have an iPad 1 and an Apple TV 3, In order to authenticate Apple will send you the 4-digit access code, you will then need to type your usual password followed by the 4 numbers. Easy :)
 

Joe Rossignol

Senior News Reporter
Staff member
May 12, 2012
787
2,596
Canada
I got that email last week and it was not at all clear what they were saying or what the difference is between the two methods. Very un-Apple.

This article makes it clear. I hope it's based on an updated form of the mail.
They only sent the one email. I received it too, and did some research into it. Glad it helps!
 

DCYorke

macrumors member
Apr 7, 2010
42
180
None of my devices have the option for a recovery key (Settings > Apple ID > Password & Security > Recovery Key). I know MacRumors is in Canada, I'm in the states. Could this be a regional thing?
 

kavi91

macrumors newbie
Jun 12, 2017
2
0
"Apple's two-factor authentication method disables the Recovery Key by default, since offline verification codes can be generated on trusted devices in the Settings app. On iOS, users can still enable the Recovery Key as a backup method in Settings > Apple ID > Password & Security > Recovery Key."

There is NOT an option to generate a recovery key as a backup method. The recovery key only applies to 2 Step users not 2 Factor.
[doublepost=1497284910][/doublepost]
None of my devices have the option for a recovery key (Settings > Apple ID > Password & Security > Recovery Key). I know MacRumors is in Canada, I'm in the states. Could this be a regional thing?

There is NOT an option to generate a recovery key as a backup method. The recovery key only applies to 2 Step users not 2 Factor.
 

atbaldwin

macrumors newbie
Sep 24, 2014
10
2
What if you only own one or only currently have access to one Apple device? I must be misunderstanding because it seems like a prerequisite to using an Apple ID going forward is that you own - and have reliable/frequent access to - at least two Apple devices.

Please tell me I'm wrong. Please?
 

vmachiel

macrumors 68000
Feb 15, 2011
1,759
1,308
Holland
So... does that mean that those of us who use our Apple IDs with devices that remain on older OS versions will no longer be able to authenticate on those older devices if we upgrade any of the others?

Nothing. Factor auth works since iOS 9.
[doublepost=1497285180][/doublepost]
What if you only own one or only currently have access to one Apple device? I must be misunderstanding because it seems like a prerequisite to using an Apple ID going forward is that you own - and have reliable/frequent access to - at least two Apple devices.

Please tell me I'm wrong. Please?

It's not mandatory to use two factor, it's just an upgrade from two step.
 

kavi91

macrumors newbie
Jun 12, 2017
2
0
You should be able to use two factor with just one device, because remember you set up a phone number as a backup and apple will be able to send SMS to that number.
 

GrumpyMom

macrumors G4
Sep 11, 2014
10,878
16,721
What if you only own one or only currently have access to one Apple device? I must be misunderstanding because it seems like a prerequisite to using an Apple ID going forward is that you own - and have reliable/frequent access to - at least two Apple devices.

Please tell me I'm wrong. Please?
Welcome to the forum. I have difficulty understanding any of this myself. It's not the type of information I can process on only one cup of tea like I limited myself to this morning. I need one and a half cups of coffee and to actually be attempting to do the whatevers and whatsahoozits involved. I'm a learn as I do kind of person, usually.

Fortunately when my husband isn't available to help me the staff and members here have so far been able to get me out of all the jams.

This would hopelessly confuse my elderly inlaws. We don't even password protect their iPad anymore. That was a complete disaster when my sister in law did that to them. They only use the iPad to play card games and read the news.
 
  • Like
Reactions: centauratlas

Joe Rossignol

Senior News Reporter
Staff member
May 12, 2012
787
2,596
Canada
"Apple's two-factor authentication method disables the Recovery Key by default, since offline verification codes can be generated on trusted devices in the Settings app. On iOS, users can still enable the Recovery Key as a backup method in Settings > Apple ID > Password & Security > Recovery Key."

There is NOT an option to generate a recovery key as a backup method. The recovery key only applies to 2 Step users not 2 Factor.
[doublepost=1497284910][/doublepost]

There is NOT an option to generate a recovery key as a backup method. The recovery key only applies to 2 Step users not 2 Factor.
That's odd.

I have Two-Factor Authentication enabled and see the Recovery Key option still on the iOS 11 developer beta.
 

drjeffsykes

macrumors newbie
Jun 23, 2010
9
0
You should be able to use two factor with just one device, because remember you set up a phone number as a backup and apple will be able to send SMS to that number.

I can attest to this. My wife's iCloud account is used only for her phone. When we bought new phones last month, the two-factor authorization was required to complete the setup. When the new phone asked for the code that was sent to her trusted device, we simply responded that no code was received and were then given the option of having it sent by text to her number. The new phone received the code and automatically processed it, allowing the setup to proceed.
 

danmart

macrumors 68000
Apr 24, 2015
1,522
1,023
Lancs, UK
I wonder if the map will show an accurate location for UK users other than just showing London? I'm almost never in London.

This confuses my dad no-end when he gets a message.
 
  • Like
Reactions: 69650

Apple_Robert

Contributor
Sep 21, 2012
31,087
41,690
In the middle of several books.
I have iOS 11 installed and don't recall getting an email from Apple. Haven't upgrades to MacOS High Sierra, yet. Would have been good if Apple left a message on the Developer account as well. I would have definitely seen it then.
 

justperry

macrumors G5
Aug 10, 2007
12,344
9,512
I'm a rolling stone.
"Apple's two-factor authentication method disables the Recovery Key by default, since offline verification codes can be generated on trusted devices in the Settings app. On iOS, users can still enable the Recovery Key as a backup method in Settings > Apple ID > Password & Security > Recovery Key."

There is NOT an option to generate a recovery key as a backup method. The recovery key only applies to 2 Step users not 2 Factor.
[doublepost=1497284910][/doublepost]

There is NOT an option to generate a recovery key as a backup method. The recovery key only applies to 2 Step users not 2 Factor.

That's odd.

I have Two-Factor Authentication enabled and see the Recovery Key option still on the iOS 11 developer beta.

Same here, it's there, even on iOS with Two Factor enabled.
 

MJedi

macrumors 6502a
Dec 16, 2010
872
347
I had to switch from to 2 Factor in order to use the Unlock with Apple Watch feature on Sierra. I wish there was an option to choose which devices get the verification code. Right now, it gets sent to EVERY DEVICE where my iCloud account is logged in. That's annoying, and could potentially be a security issue.
 

PBG4 Dude

macrumors 68040
Jul 6, 2007
3,957
3,968
So... does that mean that those of us who use our Apple IDs with devices that remain on older OS versions will no longer be able to authenticate on those older devices if we upgrade any of the others?
So far, I cannot log into my Apple ID on my iPad 1, the very first model from 2010. It's a bit frustrating.
The message says to input the two factor code but there is no way to do so.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.