New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

iCloud.com Now Utilizing Two-Factor Authentication

Tuesday September 16, 2014 11:53 am PDT by Juli Clover
Apple's two-factor authentication system is now enabled for iCloud.com, with the site asking for a verification code before allowing users with two-factor authentication enabled to access various iCloud.com apps.

Access to iCloud.com apps like Mail, Contacts, Calendar, Reminders, Pages, Numbers, and Keynote is restricted until the verification code is entered on the website, but Find My iPhone remains accessible.

twofactor
Users also receive an email when their Apple ID is used to sign into iCloud via the web browser, a feature that was implemented following the recent hacking of celebrity iCloud accounts that led to hundreds of photos being shared on the Internet.

icloudemail
Following the hacking incident, Apple CEO Tim Cook pledged to improve iCloud security by expanding two-factor authentication to iCloud and sending out security emails when a device is restored, iCloud is accessed, or a password change is attempted. Cook also said that Apple will aim to increase awareness about two-factor verification.

Originally implemented back in March of 2013, two-factor verification is an opt-in system designed to increase Apple ID account security by requiring identity verification before allowing users to make account changes or purchase content on new devices. It replaces standard security questions with a security code delivered to a trusted device.

Apple first tested two-factor authentication for iCloud.com back in June, well ahead of the iCloud breach, but the feature was not implemented until today.

[ 86 comments ]


Top Rated Comments

(View all)

Avatar
TimUSCA
63 months ago

so you have to own two apple devices in order for this to work?


No, you just have to have SMS. Shows that option right there in the screen shot.
Rating: 13 Votes
Avatar
yaxomoxay
63 months ago
no more Kate Upton then?
APPLE IS DOOMED.
Rating: 7 Votes
Avatar
840quadra
63 months ago

so you have to own two apple devices in order for this to work?


If it is like the rest of their 2FA, It supports SMS. I had it associated with my Android phone for some time until I recently switched it back to my iPhone.
Rating: 6 Votes
Avatar
cire
63 months ago

My naked selfies are safe!


That's what you think! Btw, please workout a little more before your next round of nude selfies. >;-)
Rating: 5 Votes
Avatar
EdgardasB
63 months ago
Damn still no two-step verification for my country, seems that Apple wants some nude pictures
Rating: 4 Votes
Avatar
camnchar
63 months ago
My naked selfies are safe!
Rating: 4 Votes
Avatar
PinkyMacGodess
63 months ago

So...in other words Apple admit had weak iCloud protection?


Anything that relies on 'users' is going to be weak. No matter WHAT you do...
Rating: 4 Votes
Avatar
WolfSnap
63 months ago
This has been working for MONTHS!!

I noticed it a while ago when I logged in months ago. This isn't news, this is just a feature that hasn't been reported on yet.

The whole iCloud "break in" is the dumbest piece of reporting I've seen in a while.

They used a password like, "PASSWORD" or "passw0rd" or "Pass123" or something equally dumb. This is a story about idiots and their bad passwords, not about Apple. Ugh, pisses me off.
Rating: 4 Votes
Avatar
newagemac
63 months ago
Just curious. If you turn on "Remember this Browser", does that mean you need to somehow reset the remembered browser if you sell your device? Or will resetting the device itself take care of that for you? If not, how do you reset what browsers are remembered?
Rating: 3 Votes
Avatar
C64
63 months ago

Not working for me: once I log into iCloud.com I can access my apps without any extra login.

Should I enable this two-factor authentication or maybe the roll out isn't done yet?

Yes, you need to enable two-step verification in order for two-step verification to work...
Rating: 3 Votes

[ Read All Comments ]