Posted 2016-09-30 07:00 by Don Mayer
How secure is YOUR Apple ID? Remember when all those celebrities had their iCloud accounts hacked? Did it make you wonder about your data? There is good news: you can do the two-step! In this article, I will explain the difference between two-step verification and two-step authentication, both of which can help make your Apple ID and data more secure.
I really didn’t know much about two-step authentication until I started testing the macOS Sierra beta and the watchOS beta to play around with unlocking my Mac with my Apple Watch. I love that capability and I know you will, too. In order to take advantage of this unlocking feature, I had to activate two-step authentication. So, I did that and I will show you how. But then I noticed that I was not getting any mail from my iCloud email address. Well, it turns out that if you are using apps that do not support two-step authentication, such as my favorite email client, Airmail, you need to generate an app-specific password. That got me interested in the two-step, and I don’t mean line dancing.
Which two-step? Two-step Authentication.
Two-step verification will require you to enter a 4-digit code sent to one of your devices. Apple requires two-step verification for many of the sites we use for sales and service information. When I surf over to those sites and enter my Apple ID and password, it will ask if I want to send a code. When I say yes, a four-digit code is sent to my devices that are registered with Apple. Usually, that means I simultaneously get the code on my Mac, my iPad, my iPhone and my Apple Watch. Once I enter the code, I gain access to the site. Two-step verification protects your Apple ID even if someone knows your password. Once activated, two-step verification is needed whenever you:
- Sign in to your Apple ID account page
- Sign in to iCloud on a new device or at iCloud.com
- Sign in to Messages, Game Center, or FaceTime
- Make an iTunes, iBooks, or App Store purchase from a new device
- Get Apple ID related support from Apple
To set up two-step verification, surf over to the Apple ID account page: https://appleid.apple.com/#!&page=signin
Sign in and, under two-step verification, click “getting started”, answer your security questions, and follow the steps to finish setting it up.
Two-step Authentication is a more advanced security feature built into the later operating systems. So, before you activate it, make sure you meet or exceed these requirements:
- iPhone, iPad, or iPod touch with iOS 9
- Mac with OS X El Capitan and iTunes 12.3
- Apple Watch with watchOS 2
- Windows PC with iCloud for Windows v5 and iTunes 12.3.3
With two-step authentication, your account can only be accessed on devices you trust, like your iPhone, iPad, or Mac. When you want to sign in to a new device for the first time, you’ll need to provide two pieces of information—your password and the six-digit verification code that’s automatically displayed on your trusted devices. By entering the code, you’re verifying that you trust the new device. For example, if you have an iPad and are signing into your account for the first time on a newly purchased Mac, you’ll be prompted to enter your password and the verification code that’s automatically displayed on your iPad.
The good thing about authentication is that once you have signed in, you won’t be asked for a verification code for that device again unless you sign out completely, erase the device, or change your password. When you sign in on the web, you will be asked if you want to trust your browser so you won’t be asked for a verification code the next time you sign in from that computer.
The code is sent to a “trusted device or phone number”. A trusted device is an iPhone, iPad, iPod touch or Mac that you have already signed in to using two-factor authentication. It is a device that Apple knows is yours and can be used to display an authentication code. A trusted phone is a phone number that can be used to receive a text or phone call with the code. You MUST have at least one trusted phone number to utilize two-step authentication.
Two-factor authentication is currently available to iCloud users with at least one device that’s using iOS 9 or OS X El Capitan or later.
Follow these steps to turn on two-step authentication.
On your iPhone, iPad, or iPod touch with iOS 9 or later:
- Go to Settings > iCloud > tap your Apple ID.
- Tap Password & Security.
- Tap Turn on Two-Factor Authentication.
On your Mac with OS X El Capitan or later:
- Go to Apple menu > System Preferences > iCloud > Account Details.
- Click Security.
- Click Turn on Two-Factor Authentication.
A few things to remember once you have activated two-factor authentication: keep your trusted phone numbers up to date. You can do this at the Apple ID account page. At that page you can also view and manage your trusted devices. So, if you sell your Mac to upgrade, you want to remove it here.
This is what led me to learn all I can about the two-step. As you may know, I run Airmail as my email client. I love it and am part of their beta program, too. But it is not Apple’s Mail client (which does NOT require an app-specific password). For Airmail and other apps that might need to utilize your Apple ID, you can generate a password just for that app. You will need one of these special passwords for each device. So, when I generated an app-specific password for my Mac, it only works for my Mac for that one app. I had to generate another for my iPad and one for my iPhone too, since they are all running Airmail.
Here’s how you generate an app-specific password:
- Sign in to your Apple ID account page.
- In the Security section, click Edit.
- Click Generate Password and follow the steps on your screen.
- After you generate your app-specific password, enter or paste it into the password field of the app as you would normally.
You will be asked to name this password, and I recommend that you make the name as specific as possible so you can manage these later. So, in my case I named them “AirMail-Mac”, “AirMail-iPhone”, etc.
You can have up to 25 app-specific passwords and can manage them at your Apple ID account page.
I do recommend that all users activate two-factor authentication. It is the most unobtrusive and easiest-to-use way of protecting your Apple ID and, hence, anything that might be connected with it. Just get out there and do the two-step!