Apple has finally added Two-Factor Authentication capability to Apple IDs to protect your account from hackers who attempt to gain access to your iCloud account, your iDevices (via the Find my iDevice feature) and other risks.

This has been something that is missing from Apple’s account security while many other competing systems and services have offered it for years. Without it, your Apple accounts and your devices, including MacBook laptops, are at risk from a fairly simple security hack.

I would highly recommend enabling two-factor authentication to anyone who uses a system capable of this feature.

Two-Factor Authentication is an easy way to secure your accounts and essentially makes it so you log-in to your accounts with two things: “something you know” (your password), and “something you have immediate access to,” (Text Messages, in this case). Apple calls their version “Two-Step Verification”.

Here is how to set it up on an Apple ID:

  • Sign in to your AppleID (http://appleid.apple.com  )
  • Select “Password and Security”. You will be prompted to enter the answers to your security questions.
  • Under “Two-Step Verification,” select “Get Started” and follow the instructions as displayed.

The screen will show your registered devices. You should see the devices you are using. If not, enable “Find My iPhone” on your device (Settings > iCloud). Click “Verify” and the system will send you a four digit number, which you will need to enter via the website’s setup process.

In the next step the site will generate and display a recovery key. Important: Print or write down the recovery key and keep it in a safe place. This is the only way to regain access to your account if you forget your password or lose your device.

Confirm your recovery key by retyping it when prompted, and then click “Enable Two-Step Verification.”

Once Two-Factor Authentication is set up, Apple will send you a four-digit code each time you attempt to make purchases in the App Store, iTunes, iBookstore or access your account with an unrecognized device. Even if someone guesses your password, unless they have your device with them, they would not be able to easily guess the four-digit code, which is only valid for a short period of time, by the way.

It is an extra step (no pun intended) in that you will have to enter both your password and the four-digit code when accessing your account for purchases or security changes, but it is well worth another layer of protection.

If you have questions on setting it up, check out Apple’s support page: support.apple.com/kb/HT5570

Also, check out this sad story that shows precisely why Two-Factor Authentication is so necessary: (It could happen to anyone)
www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/

Interphase Systems can help protect your firm. We know IT™.

Contact us today! info@interphasesystems.com – 610-276-5500.

Share this important tip with your colleagues.