I’ve written previously about how using strong, unique passwords and also ensuring that your devices are always up-to-date are important ways to stay secure online. In this article, I’m going to cover how to ensure that you are the only one that can sign in to your account. It’s called two-factor authentication, which is quite a mouthful, but is simple to set up, simple to use, and is a big improvement over just using a password.
What Is It?
While the term two-factor authentication sounds very techie and complicated, it’s really a pretty simple concept. It means using two different ways, or factors, to verify your identify instead of only one.
Using a password is the most common single factor to prove your identify when signing in to an account. But, if someone steals or guesses your password, then they can, in essence, prove that they are you, and gain access to the account.
Two-factor Authentication requires a second way to prove your identity. The most common way this works is that after you enter your password, a code is sent to your phone that you must then also enter. So, not only have you proven your identity with your password, but since you also are able to enter a code that you received on your phone, you’ve doubly proved it. If someone does steal your password, they won’t be able to sign in because they won’t also have the code needed.
Where Is It Used?
In this article, I’m going to cover turning on two-factor authentication for your Apple account. Many companies, such as banks and other financial institutions have also started to implement two-factor authentication on their accounts to better protect their customers. If you have a chance to turn this feature on for other accounts, I strongly encourage you to do so. Each company will have its own method for setting up and then using it, so you’ll need to follow their instructions.
You only need to set up two-factor authentication once, using one of your devices (iPhone, iPad, or Mac), since it is tied to your Apple account and not your device.
Go to Settings, tap your name at the top of the list, then tap Password & Security. You may have to enter your Apple ID password before continuing.
If Two-Factor Authentication is already turned on for your account, then skip down to the Trusted Phone Number section below.
If it is turned off, tap Turn On Two-Factor Authentication and you’ll see the Apple ID Security page. Tap Continue.
Next, you’ll be asked to enter a phone number. Use your own phone number here, as this will be the main number used to verify your identity. You might also be asked to answer the security questions you originally set up on your account.
Once you enter your phone number, tap Next at the top of the screen:
You will receive a text message on your phone with a verification code. Go to the Messages app to find the code, then come back to Settings to enter it:
Once you do that, your device will ask you to enter its passcode, so go ahead and enter it:
You’ve now set up two-factor authentication and have substantially increased the security of your Apple account. Any iPhones, iPads, or Macs that are already signed in with your Apple ID are now your trusted devices and will receive verification codes (more on this below) when needed.
Trusted Phone Numbers
Now that you have two-factor authentication enabled, there is another step I strongly recommend: adding another trusted phone number to your account. Here’s why: if you ever lose your phone or it becomes inoperable, you won’t have a way to receive the verification code you’ll need to sign in to your account.
Note: if you also have an iPad or a Mac, those devices will receive verification codes as well, so you don’t strictly need to add another phone number, but it is still a good idea.
I suggest adding the phone number of someone that’s usually near or easily reachable, such as a family member or close friend.
To do this, go to the main list in Settings, and tap on your name at the top of the list, and then tap Password & Security:
Now, tap Edit in the Trusted Phone Number section, and then tap Add a Trusted Phone Number:
If asked for your device passcode, enter it and then enter the additional phone number and tap Send at the top of the page:
The phone number you just entered will receive a text message with a code, which you will need to enter:
Now you’ve got a back-up trusted phone number when you need it.
Using Two-Factor Authentication
Now that you have two-factor authentication enabled for your account, when you sign in to an Apple web site or a new Apple device, you will enter your password as always, but your trusted devices will be sent a verification code, which you will need to enter as well.
For example, when you log in at Apple’s account management web site, you’ll enter your password as usual…
…but then you’ll also be asked to enter a verification code:
On your trusted device, you’ll see an alert telling you someone is trying to sign in and their approximate location. If your device is locked, you’ll see a notification on the lock screen:
Tap that notification and unlock your device, then you’ll see the alert. Tap Allow and you’ll be shown the verification code:
Enter the verification code where you are attempting to sign in, which in this case, is the Apple web site, and you will finish signing in.
If you receive the Apple ID Sign In Requested alert shown above when you’re not signing in, then tap Don’t Allow. This will stop the sign in attempt and keep your account safe. You should still change your password right away since someone else must have your password. To do that, go to Settings, tap on your name at the top of the list, then tap Password & Security, then tap Change Password and follow the instructions.
Your Apple account is now much more secure, which means all the information you store with Apple (photos, emails, files, notes, etc.) is also more secure. While you may see this added sign-in step as a nuisance when it’s required, it’s definitely worth it to ensure that only you can access your account and information.
For instructions using a Mac, see Apple’s Two-Factor Authentication Article.