Apple's two-factor authentication relies on a Recovery Key when you get locked out, and you can't access your account if it's hacked without that key. The Next Web learnt this the hard way.
The Next Web's Owen Williams was locked out of his Apple ID and didn't have his Recovery Key. If you're using two-factor authentication, this is almost as bad as losing your phone. The Recovery Key is your safeguard to prove that you're you — if someone attempts and fails to get into your Apple account, the only way back in is with the Recovery Key. Without your Recovery Key, you're locked out of your Apple ID for good and all your purchases are gone. Apple makes this abundantly clear when you sign up for two-factor authentication, but if you somehow missed this memo, you can get a new Recovery Key pretty easily:
- Go to the Apple ID page and log in.
- Click "Password and Security"
- Click "Replace Lost Key" and click Next
- Make sure you actually print or save your key somewhere safe this time
You can only generate a new Recovery Key if you have access to your account, so do it now while you still can. Head over to The Next Web for William's whole story.
The dark side of Apple's two-factor authentication [The Next Web]