Security
Brought to you by

Apple's New Two-Factor Authentication For iTunes Explained

We’ve always recommended setting up two-factor authentication to protect your personal data. Apple has finally added optional two-factor authentication to iTunes accounts, which gives you an extra level of protection. How does it work?

Picture: Stefan Gosatti/Getty Images

Two-factor authentication means that instead of purely using a password to sign into a service, you also need to supply an additional piece of information. The most common implementation (and the one Apple uses) is to send a one-time code as a text message to a specified phone number, which you need to then use on the device where you’re signing in on. That means that even if someone gets hold of or guesses your password, they still can’t log in unless they also have access to your phone.

Apple’s implementation doesn’t require you to get this code every time you sign into your account; it will ask for it whenever you sign in from a device that hasn’t been used before. That’s a common approach (Google, Dropbox and Microsoft all use it as well). You can set the notification to be sent either as an SMS message or as a Find My iPhone notification.

Fortunately, Australia is on the list of countries where Apple has begun supporting two-factor authentication. To set it up, go to the Apple ID sign-in page, head to the Password and Security section, and select ‘Getting Started’ under Two-Step Verification. (We’re sticking with two-factor, as that’s the more common term).

A common question about two-factor is: what happens if you lose the device which receives the messages? Apple’s approach is to provide a 14-digit ‘recovery key’ which you can use to sign back into the service. Don’t store that on any of your devices; printing it and locking it in a drawer is a more sensible approach.

Apple


Have you subscribed to Lifehacker Australia's email newsletter? You can also follow us on Facebook, Twitter and YouTube.