Apple is separating the new smartphones into its usual low-cost versus high-cost categories, with big differences between the two models coming down to the camera, display, and battery life.
iOS 13 & watchOS 6 Now Available
Apple Increases Account Security With Optional Two-Step Verification System for Apple IDs
Apple has implemented a new two-step verification system for Apple IDs (via 9to5Mac), adding an additional layer of protection for Apple accounts with an extra security code and a "trusted" device.
As the recovery key is used in place of security questions, keeping it secure is of the utmost importance. A lost or forgotten key can be recovered with a trusted device and a password, just as a password can be recovered with a trusted device and a recovery key.
The verification system will request a password that has one letter, one number, one capital letter, and at least eight characters. If such a password is not already in use, users will need to wait three days to fully enable two-step verification. Users with an already compliant password can move on immediately to the next step.
A security code will be sent through SMS or using the Find My iPhone app, and during setup, users can choose a single trusted device. To begin the process, users can visit the Apple ID website to implement two-step verification.
Two-step verification will require you to verify your identity using one of your devices before you can make changes to your account or make an iTunes or App Store purchase from a new device. You will also get a Recovery Key for safekeeping which you can use to access your account if you ever forget your password or lose your device.Once enabled, the new system replaces the standard security questions that are asked before users make purchases on a new device and password resets can only be done from the designated iPhone or iPad.
As the recovery key is used in place of security questions, keeping it secure is of the utmost importance. A lost or forgotten key can be recovered with a trusted device and a password, just as a password can be recovered with a trusted device and a recovery key.
The verification system will request a password that has one letter, one number, one capital letter, and at least eight characters. If such a password is not already in use, users will need to wait three days to fully enable two-step verification. Users with an already compliant password can move on immediately to the next step.
A security code will be sent through SMS or using the Find My iPhone app, and during setup, users can choose a single trusted device. To begin the process, users can visit the Apple ID website to implement two-step verification.
[ 178 comments ]
Top Rated Comments
(View all)
85 months ago
Can apple make it anymore annoying...geeez
Perhaps you missed the part that it's optional?
:rolleyes:
85 months ago
1234.....how did Apple know my security code!!???
John Appleseed? Is that really you?
85 months ago
Can apple make it anymore annoying...geeez
Seriously? Google introduces (http://www.google.com/search?q=google+introduces+two+step+verification&hl=en&biw=1727&bih=1304&sa=X&ei=j2RLUd_cIauu2gXGuYHABQ&ved=0CB0QpwUoBg&source=lnt&tbs=cdr%3A1%2Ccd_min%3A2%2F1%2F2011%2Ccd_max%3A3%2F1%2F2011&tbm=#hl=en&tbs=cdr:1%2Ccd_min%3A2%2F1%2F2011%2Ccd_max%3A3%2F1%2F2011&sclient=psy-ab&q=google+two+step+verification&oq=google+two+step+verification&gs_l=serp.3...4165.4165.0.4334.1.1.0.0.0.0.0.0..0.0...0.0...1c.1.7.psy-ab.QFMX0pozUkw&pbx=1&bav=on.2,or.r_qf.&bvm=bv.44158598,d.b2I&fp=5055737f513ba032&biw=1727&bih=1304) two-step verification and everyone goes gaga.
Apple introduces two-step verification and people complain.
Really sick of the anti-Apple everything happening these days. Sheesh.
85 months ago
1234.....how did Apple know my security code!!???
That's the kind of code only an idiot would have on his luggage... //www.youtube.com/watch?v=a6iW-8xPw3k :D
85 months ago
As much as two-step authentic verification is annoying, I will turn it on, as I have for my other services.
85 months ago
Enabled.
Noticed that they're keen to ensure you know that if something goes wrong it's your fault and Apple can't help you. It reminded me around 4 times during the process that if I lose the recovery key and forget my password / lose access to my trusted device then Apple can't help at all.
Covering their butts from a legal standpoint if someone alleges that Apple is to blame if account access is lost, I'm guessing.
Pretty sure that's to keep social engineering at a minimum. Since, ya know, that's the whole point.
85 months ago
(This is yet another of my crazy extrapolations, but here goes...)
Maybe the "trusted device" concept, as Apple has currently implemented it, is merely setting the stage for biometric user identification in future iPhones and iPads. Tighter security is always more inconvenient for users. Adding the trusted device verification code is a huge improvement in security, but it's an extra hoop for users to jump through. For now.
But if and when Apple adds thumbprint scanners to iOS devices, the two-step verification hassle almost totally disappears. Any iOS device on which you swipe your thumb (and maybe other digits, just in case you need to wear a band-aid on your thumb) will become a "trusted device." You might have to enter your Apple ID password and verify it with the 4-digit challenge code sent to that device. But just once.
The biometrics would guarantee that it really is you trying to log in to your iCloud / iTunes account. Especially if the thumbprint sensor detects the density and/or other "liveness indicator" of your digit, to foil amputated thumb login attempts. The good news: your iCloud / iTunes account stays safe. The bad news: you're missing a thumb.
OK, yeah. The amputated thumb thing wouldn't be good. So maybe Apple could just use the FaceTime camera instead of a thumbprint reader. Apple has the software chops to do it, and they could leverage their years of experience with face recognition in iPhoto. Let's not forget that Apple acquired Polar Rose, and their face recognition technology and expertise, in 2010. Face recognition could be a key feature in Apple mobile and legacy computing devices in the future. Not to mention a key feature in Apple's television solution. But I digress.
And how would this biometrics benefit Apple? Well, the vast increase in ease-of-use would be a big draw. Only the latest iOS devices would have the thumbprint sensor. Or only iOS 7+ devices would have the face recognition biometrics feature (which means, of course, only the iPhone 6 and other next-gen iOS devices.) The biometric login system would be the next generation of iOS devices' "killer feature." I'd love it. Especially if Apple enforces the two-step login every time for all older devices.
Great idea, except for the part where numerous studies have found biometric scanners can get outsmarted by gummy bears. I'm not sure where the technology stands today, but gummy bears...
Gummy bears! :eek:
85 months ago
Lot of confusion about Google Authenticator in this thread. It doesn't store anything on Google's servers, it gives you one time codes. You need this code AND your account password to login. Just read the Wikipedia article about it.
It works with other services like Dropbox, Lastpass, Amazon Web Services and Facebook because it is based on some standard method of creating codes. You don't even have to use the official Google Authenticator app, there are several others like Authenticator for Windows Phone and a version for so called Java dumb phones.
Someone asked about Facebook and Google Authenticator. They are telling you to use their own code generator but they are really just using the same method as Google and Dropbox. Just click the help button when you are setting it up and look for a 16 digit code (or something), this you type in Google Authenticator and it will give you one time codes back. I can confirm this is working. Also, nothing stops you from using several devices with Google Authenticator (or third-party alternatives) as long as you set them up at the same time.
You should of course have auto lock enabled on your phone if you are using a phone application like Google Authenticator to create codes. And it is still a good idea, even with 2 step activated, to use a password manager to create passwords for most accounts and Diceware for accounts where you have to remember the password.
Too bad Apple did not choose to support Google Authenticator.
It works with other services like Dropbox, Lastpass, Amazon Web Services and Facebook because it is based on some standard method of creating codes. You don't even have to use the official Google Authenticator app, there are several others like Authenticator for Windows Phone and a version for so called Java dumb phones.
Someone asked about Facebook and Google Authenticator. They are telling you to use their own code generator but they are really just using the same method as Google and Dropbox. Just click the help button when you are setting it up and look for a 16 digit code (or something), this you type in Google Authenticator and it will give you one time codes back. I can confirm this is working. Also, nothing stops you from using several devices with Google Authenticator (or third-party alternatives) as long as you set them up at the same time.
You should of course have auto lock enabled on your phone if you are using a phone application like Google Authenticator to create codes. And it is still a good idea, even with 2 step activated, to use a password manager to create passwords for most accounts and Diceware for accounts where you have to remember the password.
Too bad Apple did not choose to support Google Authenticator.
[ Read All Comments ]
Burst Mode refers to when the camera on your iPhone captures a series of photos in rapid succession, at a rate of ten frames per second. It's a great way to shoot an action scene or an unexpected...
Apple's Portrait Mode has become a popular way of taking impressive shots using a depth-of-field effect known as bokeh, allowing iPhone users to shoot a photo that keeps the subject sharp with a...
Apple has redesigned the native Camera app on the iPhone 11 and iPhone 11 Pro to make space for the various additional shooting options available in its new flagship phones, and one particularly...
Apple's massive launch week has come to a close, with the iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, and Apple Watch Series 5 all debuting on Friday. And as if that wasn't enough, Thursday...
With the arrival of the iPhone 11, iPhone 11 Pro and iPhone 11 Pro Max, Apple has introduced an optional new camera feature in iOS 13 that's designed to allow you to correct the alignment of...
For this week's giveaway, we've teamed up with AnyTrans to offer MacRumors readers a chance to win one of Apple's new iPhone 11 Pro Max devices and a lifetime AnyTrans license.
For...
Due to Apple seeding the iOS 13.1 beta prior to the public release of iOS 13, upgrading to a new iPhone may be a bit trickier this year.
In a support document, Apple has provided instructions...
Apple today the golden master version of an upcoming tvOS 13 update to developers, one week after seeding the eleventh beta and more than three months after unveiling the tvOS 13 software at the...
