In light of the recent celebrity hacking, folks are rightly concerned about their privacy. So much of lives are routinely uploaded to the cloud, that often security surrounding these accounts can become an afterthought. Based on what Apple has said, the accounts in question were not a breach of iCloud or Find My iPhone. Make no mistake, passwords and account information was compromised, though we don’t know exactly how this happened. Apple does provide users with access to an added layer of security which is known as two-factor authentication, in fact their recent statement suggests users concerned with security implement this on their accounts. Here’s how to setup two-factor verification for Apple ID and how it all works.

Two step verification Apple ID

Two-step verification or TSV is an added layer of security that can protect your account, and more importantly your data, should your password be compromised. Yes, someone can have your password and still not be granted access to your data. When setup, a four digit code or recovery key is needed and that can only be retrieved from a trusted device that you.

Your Apple ID is central to your iOS experience. It’s used for iTunes purchases, the App Store and your iCloud account. If Apple starts offering mobile payments with the iPhone 6 and iOS 8, it could be used to pay for goods and services at a host of retailers. Simply put, if there is one account worth securing, it’s your Apple ID. Thankfully, Apple provides two-setup verification for Apple ID accounts and here’s how we set it up.

How do I set up two-step verification?

  1. Go to My Apple ID.
  2. Select Manage your Apple ID and sign in.
  3. Select Password and Security.
  4. You’ll be prompted to ‘Continue‘. Here you’ll be reminded of how two-step verification works. No longer do you need to remember your security questions, which at times can be guessed. Your password can only be reset with a trusted device and a recovery key.
  5. With the disclaimers out of the way, tap on ‘Get Started‘.
  6. Once you complete this step, you’ll enter a three-day waiting period. Any and all email accounts that are verified with your Apple ID will be notified of the impending change request to add two-setp verification.
  7. At the completion of three days, you can sign-in to My Apple ID and complete the process. It’s at this point, you’ll be able to initiate the steps for creating trusted devices, along with receiving your ‘Recovery Key’

Apple ID Password and Security

Get started two step

Important: Your ‘Recovery Key’ that will enable access to your account, in the event you lose your device or your password. It’s important you keep this at home for safekeeping.

Important: Apple will not reset your password on your behalf.

Expect The Unexpected

Prior to today, I had yet to setup two-step verification with Apple. I do have it setup with my Google and Microsoft accounts. Today, I was able to complete the security trifecta, but it wasn’t without a few hurdles. For one, I’ve got to wait three days to move forward with the final steps of adding trusted devices coupled with receiving my recovery key. I don’t expect anything drastic from what I’ve outlined, but will certainly update the article as necessary. It’s interesting that prior to accessing my Apple ID account, I was locked out from making changes until I changed my password to something more stringent. I was greeted with a message that the password I’ve had since the early days of MobileMe was ‘too easy to guess’. No, it wasn’t password. Apple requires one capital letter, one number and it must be a minimum of eight characters.

Improve password

The Internet is filled with unsavory characters, many of which spend a good portion of their day looking illegally access accounts. Two-step verification isn’t the easiest process, but it’s necessary in a world where our data is being uploaded to the cloud, making security of accounts vital. No system is perfect, but outside of the nuclear option, securing your account with a robust password and two-factor verification is the best possible path to keeping your information secure.