Apple has announced the roll out of a two-step verification system for it’s Apple ID user accounts. Many other web services, such as Dropbox and Google, already have this feature enabled. When enabled, two-step verification will make your Apple ID almost impossible to hack, and will drastically reduce the chances of identity theft.
How does it work?
Two-step verification is an approach to authentication that requires you to enter the second password, or PIN, which is displayed on a separate device that is in your possession. Security is increased because the PIN in the second step to the authentication process can only be seen by the person in possession of the device.
Two-step verification has been around for a long time in many different forms. In the case of Apple, when you sign into your Apple ID account, make an iTunes, App Store or iBookstore purchase, a code will be displayed on one of your devices.
When you enable the feature you will be required to register one or more devices, such as an iPhone, iPod, or iPad. You can also enable a non-Apple device such as a mobile phone with SMS., but not a landline or a VOIP (Voice Over IP) service.
After you enter your username and password the code will be sent to your registered device. Enter the code and you will be able to access your account.
The disadvantage to this system is that it’s impossible to access the service if you lose your device. And some people find having to enter an extra code really annoying.
How to enable two-step verification for your Apple ID
To set up two-step verification go to My Apple ID and click on “Manage Your Apple ID,” and sign in.
Select “Password and Security.”
Under Two-Step Verification, select “Get Started” and then click “Continue” to begin the process.
Read the warning screen and click “Continue.”
From the next screen, you can choose from your registered devices, use Find My iPhone to send the verification to any phone with this function turned on, or add an SMS-enabled mobile phone. I am adding an SMS-enabled mobile phone.
Enter your phone number and click “Continue.”
The verification code will be sent to your phone or device. Enter the code in the next step and click verify.
On the next screen, you’re given a Recovery Key. Write down or print the key and click “Continue.”
On the next screen enter your Recovery Key and click “Confirm.”
The final step requires you to agree to the conditions and then click on “Enable Two-Step Verification.”
When your device or phone is verified it will be in the list of trusted devices.
Is it necessary?
After the recent high profile cases of Wired’s Mat Honan and Dropbox accounts getting hacked, two-step verification has, unfortunately, become necessary. Granted, these high profile accounts are more of a target than most of will ever be. But identity theft is a real problem, and enabling two-step verification makes it almost impossible for someone to get access to your information. I agree that it’s annoying at times, but at this stage, it’s the lesser of two evils.