How to Enable Mac’s New Built-In Two-Factor Authenticator (and Why You Should)

How to Enable Mac’s New Built-In Two-Factor Authenticator (and Why You Should)
Photo: Kamil Zajaczkowski, Shutterstock

In case you haven’t heard us preach about this issue before, you really should be using two-factor authentication for all your important accounts. An extra layer of added security, with a six-digit passcode that’s regenerated every 30 seconds, is essential for keeping your digital accounts safe and secure. But the question is, how do you go about it in a way that’s actually easy to use? 

Options are aplenty; Bitwarden and 1Password both have stellar two-factor authentication features built-in — but these apps cost money, and they’re ultimately third-party options, rather than something built into our devices. But now, Apple has integrated two-factor authentication in the Passwords feature with iOS 15, iPadOS 15, and macOS Monterey.

This feature syncs across all your devices using iCloud Keychain, so all the two-factor codes from your iPhone will be available on your Mac, and vice-versa. (Here’s how to use the two-factor process for iPhone and iPad.) And if you use Safari, you can enter two-factor authentication codes simply by using Touch ID, with no need to dig into a password management app.

How to set up two-factor authentication on Mac

Setting up two-factor authentication on macOS Monterey is as easy as can be — you just enter the verification code, and you’re good to go. The process for most websites, apps, and services is the same. In this example, we will be using Twitter in the Safari browser. You’ll need to first add the website login to iCloud Keychain.

To begin, open the website, and find the two-factor authentication feature in settings. In Twitter, it’s available in Settings & Privacy > Security and Account Access > Security > Two Factor Authentication. Here, choose the “Authentication App” option.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

From the wizard, click the “Start” button. Enter your password, and choose the “Verify” option.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

Twitter will show you a QR code by default. Instead, click the little “Can’t scan QR code?” link at the bottom.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

Copy the verification code that you see.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

On your Mac, open “System Preferences,” and go to “Passwords.” Authenticate, and then open the “Twitter” login. Here, click the “Edit” button.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

From the Verification Code section, click the “Enter Setup Key” button.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

Paste in the verification code from the website, and click “OK.” Then click the “Save” button to save the details.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

You’ll now see a six-digit verification code that is re-generated every 30 seconds. Go back to Twitter, click the “Next” button from the verification code screen, and enter the six-digit code.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

If you’re using a Mac with Touch ID, you can enter it simply by scanning your finger — you’ll see the code is verified, and two-factor authentication will be set up and enabled. You’ll also see a backup code that you should save in a safe place (perhaps a password-protected note in the Notes app).

How to log in using two-factor authentication on Mac

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

If you’re using Safari, you don’t need to hunt for the verification codes. Safari will auto-fill them for you. The next time you log in to the site, and end up at the verification page, just use Touch ID to log in. If you don’t use Safari, you’ll have to manually find the verification code. To do that, open System Preferences > Passwords, and find the website login. You’ll see the verification code on the details screen.

Screenshot: Khamosh Pathak Screenshot: Khamosh Pathak

How to delete two-factor authentication on Mac

If you don’t want to use two-factor authentication for a website anymore, you can delete it from the Passwords app. First, make sure to disable it on the website itself (as that might require you to enter a verification code).

Then, go to System Preferences > Passwords. Find the website in question, and click the “Edit” button. From the Verification Code section, click the “Delete Verification Code” button, and on the confirmation popup, choose “Delete Verification Code” again. The two-factor authentication section will now disappear.

Log in to comment on this story!