How to Enable Two-Step Verification for Apple ID

MacRumors

macrumors bot
Original poster
Apr 12, 2001
50,026
11,306



Apple introduced an additional layer of security for iPhone, iPad and Mac users in 2013 by rolling out two-step verification for Apple ID accounts. Two-step verification prevents anyone but you from accessing your Apple ID account, even if they know the password, by requiring a four-digit verification code sent via SMS or Find My iPhone on trusted devices. When you enable two-step verification, you must register at least one trusted device capable of receiving SMS text messages.


Once activated, two-step authentication is required when managing your Apple ID through My Apple ID, signing into iCloud, or making iTunes, iBooks or App Store purchases from a new device. Apple has also expanded two-step authentication to iMessage and FaceTime, requiring users to input an authentication code from a verified device on accounts that have two-factor verification enabled to prevent unauthorized entry attempts through both services.

Click here to read more...

Article Link: How to Enable Two-Step Verification for Apple ID
 

thefourthpope

macrumors 65816
Sep 8, 2007
1,012
260
DelMarVa
This security isn't worth the hassle for me. I'm constantly prompted to sign in to facetime and iMessages on my home mini, mb air, and work iMac. Then I get notifications on each plus iPhone and iPads that I signed in on one of those computers. And continuing the minor annoyance factor, iMessages still doesn't reliably sync read/deleted messages, so I get to delete Google or Evernote two-step verification texts four or five times.
This is just adding a new layer of notifications that I tend to think I don't want.

Please note: I have twice specified that this is my experience and my opinion. YMMV.
 

ArtOfWarfare

macrumors G3
Nov 26, 2007
8,892
4,704
This is dumb.

Wasn't the iPhone's fingerprint scanner supposed to do away with passwords?
 

taxiapple

macrumors regular
Jun 9, 2009
190
23
Thought I would do it.....but before I could enable it, it wanted me to change my password.
My password is pretty good already and Apple has already made me change it at least once before.
I'm not interested.
 

Mtmspa

Suspended
May 13, 2013
1,006
782
By making the option available, Apple is putting the security responsibility on the user, where it belongs. If you choose to not use it or use weak passwords, you can only blame yourself.
 

iMerik

macrumors 6502a
May 3, 2011
603
444
Upper Midwest
This is dumb.

Wasn't the iPhone's fingerprint scanner supposed to do away with passwords?
But say I'm logging into iCloud on a PC, I log in with my credentials and then it sends a code to my verified iOS devices (iPhone in my case) that I have to type into iCloud. This is a good use of two-step verification (multifactor authentication), and I don't see how Touch ID would replace it.

The fingerprint scanner does do away with some instances of needing passwords on your phone, and this has grown to some third-party apps since the release of iOS 8 and opening up the iCloud Keychain. I imagine this will continue to grow.
 

macintologist

macrumors 6502
May 3, 2004
468
564
Protip, if you want to set this up for your elderly parents, add your personal cell phone as an additional second factor method, that way you can provide tech support much easier.

Also, have your significant other's cell phone be a 2nd factor for your account, and your cell be a 2nd factor for your SO's account. You can have multiple cell phone numbers as 2nd factors.
 

carlgo

macrumors 68000
Dec 29, 2006
1,806
17
Monterey CA
Protip, if you want to set this up for your elderly parents, add your personal cell phone as an additional second factor method, that way you can provide tech support much easier.

Also, have your significant other's cell phone be a 2nd factor for your account, and your cell be a 2nd factor for your SO's account. You can have multiple cell phone numbers as 2nd factors.

What?

----------

2 factor auth is not available in my country.

Be thankful.
 

mac1984user

macrumors 6502a
Dec 10, 2009
805
357
United Kingdom
Just integrate a fingerprint scanner into my Mac if you have to. I'm not going to fiddle around for my phone for a second form of ID. Now an Apple Watch? Maybe...
 

l00pback

macrumors regular
May 28, 2010
134
131
This security isn't worth the hassle for me. I'm constantly prompted to sign in to facetime and iMessages on my home mini, mb air, and work iMac. Then I get notifications on each plus iPhone and iPads that I signed in on one of those computers. And continuing the minor annoyance factor, iMessages still doesn't reliably sync read/deleted messages, so I get to delete Google or Evernote two-step verification texts four or five times.
This is just adding a new layer of notifications that I tend to think I don't want.

Please note: I have twice specified that this is my experience and my opinion. YMMV.

That does sound annoying. Too many notifications. I use Google's Authenticator, and Symantic's VIP Access apps. I prefer these types of code generators over codes being pushed. Even the Facebook app will generate codes. I just can't figure out how to make them stop sending them via SMS, too. THIS is the way to do it, IM(NV)HO.
(In My [Not Very] Humble Opinion)
 

iMerik

macrumors 6502a
May 3, 2011
603
444
Upper Midwest
That does sound annoying. Too many notifications. I use Google's Authenticator, and Symantic's VIP Access apps. I prefer these types of code generators over codes being pushed. Even the Facebook app will generate codes. I just can't figure out how to make them stop sending them via SMS, too. THIS is the way to do it, IM(NV)HO.
(In My [Not Very] Humble Opinion)
I also prefer Google Authenticator for every service that supports it. Actually, I use Authy now, which supports Google Authenticator tokens.
 

iMerik

macrumors 6502a
May 3, 2011
603
444
Upper Midwest
Basically, if you and your SO both have Apple IDs, add each others cell phone numbers to the list of 2nd factor devices.
Pretty straightforward what you are saying. I currently have two-step verification enabled with my phone as both my iOS verified device and my SMS verified device. It makes sense to add someone you trust, like a spouse, to the SMS verified device list in case your phone goes missing. It acts as sort of a backup to not needing to use the Recovery Key.

Speaking of the Recovery Key, take Apple seriously when they say you should keep it available but safe. Copy it into 1Password, LastPass, or similar software/service if you don't feel like keeping it on a piece of paper.
 

mw360

macrumors 68000
Aug 15, 2010
1,669
1,600
By making the option available, Apple is putting the security responsibility on the user, where it belongs. If you choose to not use it or use weak passwords, you can only blame yourself.

Sounds a lot like a touch of elitism you have there.

What you're advocating is that a user's security be proportional to their understanding of dictionary attacks, rainbow tables, password entropy and other nerdy esoterica. Why would you want that, and more to the point, why would Apple, of all companies want that? Apple has people who know this stuff inside out. Why shouldn't the users benefit from that knowledge directly, instead of having to learn it all in parallel from blogs and forums?

----------

This security isn't worth the hassle for me. I'm constantly prompted to sign in to facetime and iMessages on my home mini, mb air, and work iMac. Then I get notifications on each plus iPhone and iPads that I signed in on one of those computers. And continuing the minor annoyance factor, iMessages still doesn't reliably sync read/deleted messages, so I get to delete Google or Evernote two-step verification texts four or five times.
This is just adding a new layer of notifications that I tend to think I don't want.

Please note: I have twice specified that this is my experience and my opinion. YMMV.

I completely agree. The spurious password popups on iOS that give absolutely no reason why you should be entering your password again, are ripe for exploitation. It's training users to give away their passwords to any popup that asks for it.
 

mw360

macrumors 68000
Aug 15, 2010
1,669
1,600
But say I'm logging into iCloud on a PC, I log in with my credentials and then it sends a code to my verified iOS devices (iPhone in my case) that I have to type into iCloud. This is a good use of two-step verification (multifactor authentication), and I don't see how Touch ID would replace it.

You don't see how?

Say I'm logging into any internet service on a PC, I log in with my username only and then the server sends a request via Apple to my verified iOS devices (iPhone in my case) that I have to touch the fingerprint sensor to complete the login.

That would be great, no? Very simple. And also quite simple to add extra security layers for those who don't trust the sensor alone.
 

bikeoid

macrumors newbie
Jul 3, 2010
16
3
Not usable by me in the case of a lost iPhone - I go to log into a PC to track my stolen phone and the thief gets the 4 digit pass code?!
 

ArmCortexA8

macrumors 6502a
Feb 18, 2010
995
167
Terra Australis
WTF do you need 2 factor authentication - are people really this stupid, and trusting people with more security is just asking for more issues. Ive never had my account hacked, no odd charges, and don't keep my CC / DC on my account. I suspect these hacked accounts are because people are submitting information via non-secure means and responding to those - easy to tell - fake emails - again they deserver it if caught. Might teach them a lesson. This adds more complexity to an existing issue - how the hell is that going to make this better? When are people going to learn?
 

doctor-don

macrumors 68000
Dec 26, 2008
1,581
317
Georgia USA
Just cut off the heads of the hackers. That'll stop them - permanently.
Those AirHeads ruin people's lives and do not deserve to exist.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.