Between viral infections that encrypt files, coordinated attacks on major financial institutions, exploits for leading SSL implementations that keep data safe during transmission, and unauthorized access of user's personal email accounts — security has definitely become a major concern for the enterprise and consumers alike. It's not just about having a password or a pin number, as those can be easily guessed or brute forced. Multi-factor authentication is the best defense against a myriad of attack vectors that seek to compromise data, gain access to bank accounts, and use personally identifiable information (PII) to steal our identities.
Major cloud service providers, like Google, have their own two-step verification protocols in place, and so does Apple. Let's review the requirements necessary to enable two-step verification and further protect your sensitive data:
- Open a browser window and navigate to the My Apple ID account management page. Click on the Manage your Apple ID button to begin (Figure A).
- Enter your Apple ID and password, the click the Sign In button to authenticate (Figure B).
- Click on Password and Security from the navigation pane after logging on (Figure C).
- You may be prompted to answer the default questions selected when creating the Apple ID initially. If so, enter the answers to the questions, and click Continue to proceed. If you do not remember the answers, click the Send reset security info link to reset these questions (Figure D).
- An optional step, but highly recommended, is to ensure that a secondary email account is linked to the Apple ID. This helps to recover your account in the event that the primary email account is offline or compromised (Figure E).
- Click the Get Started... link under the Two-Step Verification heading to begin the setup process (Figure F).
- You'll be shown a quick image that explains the basic process in enabling two-step verification. Click the Continue button to confirm you wish to proceed (Figure G).
- The following image explains how changes can be made after enabling two-step verification. Click Continue to proceed (Figure H).
- The final image before proceeding explains what's required when enabling two-factor verification. To begin, click the Get Started button (Figure I).
- Step 1 of 4 will require a cellular phone with SMS (text) capability (Figure J).
- Clicking the Add a phone number link will allow you to link a telephone number to the Apple ID account (Figure K).
- Click the Next button to receive a text message with a four-digit pin. Enter this pin and click the Verify button to authorize the device with the Apple ID (Figure L).
- In step 2 of 4, Apple will generate a random Recovery Key for your Apple ID account. Be sure to save this key in a private, secure location since this key will only be generated once. Furthermore, this Recovery Key will serve as one method to authenticate your account in the two-step verification process. Please note: Apple cannot regenerate this key, so please take great care in storing it (Figure M).
- To link the Recovery Key to the Apple ID, it will need to be manually entered into the input box in step 3. Click the Confirm button to verify the key (Figure N).
- The final step, step 4 in the two-step verification setup process, will review the conditions of two-step verification and require the end user to check the box in acknowledgement of these conditions. Click the Enable Two-Step Verification button to complete the process (Figure O).
- After visual confirmation that Two-Step Verification has been enabled, click Done to return to the Apple ID Menu (Figure P).
- If you would wish to optionally test how two-step verification works, navigate to the iCloud website and enter your Apple ID to authenticate (Figure Q).
- After authenticating initially, all of the web apps (except Find My iPhone) will be locked to prevent access to sensitive data stored within each application (Figure R).
- To unlock access, you need to verify yourself to the system. Click on the Verify link to perform the second portion of the two-step verification process (Figure S).
- Choose a trusted device from the list, and click the Next link (Figure T).
- The selected device will receive a temporary four-digit pin that will need to be entered in the verification fields displayed on-screen (Figure U).
- If the code is entered successfully, verification will occur and the web apps will now be unlocked and may be used as they would normally work (Figure V).
Once you've completed working within iCloud, don't forget to logout, because that will close the session and reset the two-step verification process, preventing others from accessing your data.
An additional benefit to enabling two-step verification is the alert that's triggered when an unauthorized party attempts to access your iCloud account. The SMS only goes to authorized devices. So, if you receive a code text without initiating a session, that's a great tip-off that someone may be trying to gain access to your data without your consent.
Do you use two-step verification on your Apple devices? Share your experience, plus any tips or tricks you encountered along the way, in the discussion thread below.
Jesus Vigo is a Network Administrator by day and owner of Mac|Jesus, LLC, specializing in Mac and Windows integration and providing solutions to small- and medium-size businesses. He brings 19 years of experience and multiple certifications from several vendors, including Apple and CompTIA.