Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Wait so it says "with Google Authenticator," does that mean that the client (in this case iOS 15) will work with Google's service? That's nice.
They mentioned Google Authenticator because they're the one most people are familiar with - but it's all based on a standard - RFC 6238. You've never really had to use Google's tool for this.
 
Was suppose to be available in 14. I've been with Authy since 2015... Gunna be tough to break away
Then don't. I make sure always to stay as platform independents as usual. I have iPhone and iPad Pro but I still use Bitwarden, Joplin, Authy, Dropbox, Signal, etc. Changing between iOS and Android takes 20 minutes and I'm all set, either direction. These also makes it easier to use e.g. a PC vs. a Mac since iCloud Notes/etc. are horrible on the PC.

I like that bit of potential freedom even if I'm enjoying my Apple devices...
 
  • Like
Reactions: peanuts_of_pathos
2FA support within iOS is great. Only reason I can’t use it is that if I disable iCloud Keychain on all devices accidentally, I will lose all passwords.
 
Apple finally getting around to putting out something they should have done 7 or 8 years ago. Better late than never seems to be the theme of Tim Cook’s reign. It’s sad that I get delighted nowadays when I see things being introduced by Apple that should have existed for years already.
 
  • Like
Reactions: peanuts_of_pathos
I just set this up for several of my accounts and it’s great. No more swiping out to open Authy, then copy/pasting the code. Now I get a FaceID pop up and the code automatically loads into the request field on the given site.
 
  • Like
Reactions: d.o.p. and Trenches
I just set this up for several of my accounts and it’s great. No more swiping out to open Authy, then copy/pasting the code. Now I get a FaceID pop up and the code automatically loads into the request field on the given site.
Now do it on your work computer not attached to your iCloud.

No really. How easy is it to get codes to type into a system that not connected to keychain? Can you pull up the codes on an Apple Watch?
 
Is this a great idea though? The whole idea of 2FA is to have a separate passphrase for authentication.
Now it's all controlled by one login on your apple device.
I'm not sure what you mean here. It's still a separate 2FA passcode, but it doubles up the security by eliminating the SMS vulnerability (porting for access, spoofing). I haven't seen the implementation yet, but I assume they'll be using the same TOTP (time-based one-time passcode) algorithm and a Face ID/Touch ID/PIN request to auto-fill.

If they're doing what I believe they're doing, this is awesome and something I have long been wanting.
 
  • Like
Reactions: peanuts_of_pathos
I just set this up for several of my accounts and it’s great. No more swiping out to open Authy, then copy/pasting the code. Now I get a FaceID pop up and the code automatically loads into the request field on the given site.
Confirmed the question I just had. Perfect implementation then!
 
  • Like
Reactions: crawfish963
Now do it on your work computer not attached to your iCloud.

No really. How easy is it to get codes to type into a system that not connected to keychain? Can you pull up the codes on an Apple Watch?
I can’t help you there. My personal computer isn’t used at work and I don’t have a Mac at work.
 
I think you are wrong, I switch to Authy which store in the cloud after losing all my codes in a iPhone restore using google authentication, it was so painful to do it all again that I promise never again. Honestly I think (with no real evidences) iCloud keychain is more secure that Authy.
Thats because Apple backup method sucks.
You have no access to ~/ like on the macOS, and you can't selectively restore directories and files nor access configs and mod them.

Relying on a single limited device without having a decent backups was the key issue in your case.
 
I still wish it was a standalone app as I don’t use safari for everything, and I’m not always using a Mac. Would be great if iCloud captures this though as I seem to lose the codes when transferring phones.
It's also available on macOS, iOS and iPadOS.

On Macs, you don't have to use Safari for the codes. It's also under System Preferences > Passwords. I believe it will be synced with iCloud Keychain.
 
  • Like
Reactions: peanuts_of_pathos
No? And where do you think your keychain is, or how it syncs between iPhone,iPad,Mac?
It surely is...
Yes, but it's end-to-end encryption. The poster could have meant that the plaintext passwords never hit the iCloud. Or I could just be giving them a free way to wiggle out of an argument. :D

The meat of end-to-end encryption is that, "the messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves."

But this topic landed me on this page (Apple Support: iCloud security overview) which was very clarifying for me. 128-bit AES encryption is indeed "industry standard", but it can be decrypted. Unless end-to-end encrypted, the private keys would need to be stored on Apple's servers because the same key used to encrypt is the key used to decrypt.

What I'm not really sure about is why law enforcement seems to have readily available access to iCloud Backups but not Messages. That article seems to imply that they would have access to stored messages, but it may be that end-to-end encryption also plays a role in Messages too. If not, hopefully that is introduced here at WWDC. Still reviewing updates! Lots of posts today!
 
I do not know if this is good or bad?
Won't really affect you if you already have a 2FA/password manager that you really like. For some of us who only own Apple devices, it will be convenient as it is integrated into the system.
 
Now do it on your work computer not attached to your iCloud.

No really. How easy is it to get codes to type into a system that not connected to keychain? Can you pull up the codes on an Apple Watch?
Then just go on your iPhone and under the Password in Settings, just like pressing Authy or whatever else on your phone to log onto something else.
 
Wait, can someone confirm that the codes are synced with Mac, iPad and other iOS devices (when updated to iOS 15 obviously)?
 
Very cool, except that 1Password offers a Windows app so I'll be sticking to it for the time being.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.