Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
MacBook Pro Updates
Apple Two-Step Verification Now Available for iMessage and FaceTime [Updated]
Apple's two-step verification system now covers FaceTime and iMessage, reports The Guardian. Signing into an iMessage or FaceTime account protected by two-step verification will ask users to input an app specific password, which can only be obtained by logging in to an Apple ID account on the web with an authentication code, thereby preventing any unauthorized login attempts.
Two-factor verification is an opt-in system that was first introduced in March of 2013 to increase the security of Apple ID accounts. Prior to today, a verification code was only required for making changes to an account, signing into iCloud, or making iTunes/App Store purchases from a new device.
Two-factor authentication for iCloud is a recent addition that was implemented in September following the breach of several celebrity iCloud accounts, leading to a slew of leaked photos. The hacking incident led Apple to improve the security of iCloud and it also prompted the company to send out security emails when a device is restored, iCloud is accessed, or a password change is attempted.
Last month, a Medium post highlighting some of the remaining shortcomings of two-factor authentication was shared by several technology sites, which may have inspired Apple to update the service to protect iMessage and FaceTime accounts. The post pointed out that it was still possible to log into iMessage, FaceTime, iTunes, the App Store, and into the website using an account with two-factor authentication enabled without being asked for a verification code.
It seems two-factor authentication for iMessage and FaceTime may still be rolling out to users, as MacRumors was able to log into iMessage and FaceTime accounts with two-factor authentication enabled without a code.
Update: Two-factor authentication for iMessage and FaceTime seems to be more widely available now, and it appears that logging into an account requires an app specific password rather than a code to prevent unauthorized entry attempts.
Two-factor verification is an opt-in system that was first introduced in March of 2013 to increase the security of Apple ID accounts. Prior to today, a verification code was only required for making changes to an account, signing into iCloud, or making iTunes/App Store purchases from a new device.
Two-factor authentication for iCloud is a recent addition that was implemented in September following the breach of several celebrity iCloud accounts, leading to a slew of leaked photos. The hacking incident led Apple to improve the security of iCloud and it also prompted the company to send out security emails when a device is restored, iCloud is accessed, or a password change is attempted.
Last month, a Medium post highlighting some of the remaining shortcomings of two-factor authentication was shared by several technology sites, which may have inspired Apple to update the service to protect iMessage and FaceTime accounts. The post pointed out that it was still possible to log into iMessage, FaceTime, iTunes, the App Store, and into the website using an account with two-factor authentication enabled without being asked for a verification code.
It seems two-factor authentication for iMessage and FaceTime may still be rolling out to users, as MacRumors was able to log into iMessage and FaceTime accounts with two-factor authentication enabled without a code.
Update: Two-factor authentication for iMessage and FaceTime seems to be more widely available now, and it appears that logging into an account requires an app specific password rather than a code to prevent unauthorized entry attempts.
[ 62 comments ]
Top Rated Comments
(View all)
56 months ago
This is tooo complex!
Passcode, iCloud password, two-factor authentication, app specific password, recovery code, key chain passcoe..... This is way too complex. I have a background in IT and I cannot keep up with the complexity. I don't think the average use knows how to navigate through.
Apple has to give us something simpler. Maybe Apple Watch is the saviour?
Passcode, iCloud password, two-factor authentication, app specific password, recovery code, key chain passcoe..... This is way too complex. I have a background in IT and I cannot keep up with the complexity. I don't think the average use knows how to navigate through.
Apple has to give us something simpler. Maybe Apple Watch is the saviour?
56 months ago
Signed out just now and was forced to use app-specific passwords.
Maybe this is a dumb question, but can't they just incorporate two-factor for both of these apps where you'd sign in with your AppleID password and be asked to send a code to your trusted iOS device or mobile number? Maybe that'll be an iOS9 deal.
Yea i would like if my two step for my apple id covered everything instead of having to generate app specific passwords
56 months ago
Signed out just now and was forced to use app-specific passwords.
Maybe this is a dumb question, but can't they just incorporate two-factor for both of these apps where you'd sign in with your AppleID password and be asked to send a code to your trusted iOS device or mobile number? Maybe that'll be an iOS9 deal.
Maybe this is a dumb question, but can't they just incorporate two-factor for both of these apps where you'd sign in with your AppleID password and be asked to send a code to your trusted iOS device or mobile number? Maybe that'll be an iOS9 deal.
56 months ago
What I don't like is that this is compulsory. Annoying.
Staying safe can be annoying, but the alternative can be a lot worse.:(
56 months ago
I don't see the point? What is there in FaceTime or iMessage I need to secure? It's not like my SSN is stored there.
Well, considering that banks are now using a text message as THEIR 2-factor authentication and the fact that texts sync with iMessage and... well you start to see the problem. Your life is becoming a web and entire thing is only as strong as its weakest point.
56 months ago
Staying safe can be annoying, but the alternative can be a lot worse.:(
Yeah, someone could break into your phone and send an iMessage with one of the new emoticons that doesn't match your race, and then you could get sued for being racially insensitive. (colon, right parenthesis)
56 months ago
Passcode, iCloud password, two-factor authentication, app specific password, recovery code, key chain passcoe..... This is way too complex. I have a background in IT and I cannot keep up with the complexity. I don't think the average use knows how to navigate through.
Apple has to give us something simpler. Maybe Apple Watch is the saviour?
This hits it on the head. As an IT professional you would love to recommend that everyone turn on 2-factor wherever it exists. However, the reality is that for the MAJORITY of users, the probability of them getting hacked is much smaller than the probability of them locking themselves out of their own account! It's unfortunate, but true, that even many technically savvy people are horrible at organization and record-keeping. They are so used to just being able to reset forgotten passwords at will, that they are at great risk of forfeiting any account that they choose to enable 2-factor on.
Password managers certainly go a long way towards optimal use of unique passwords. However, how many users do you know would actually know how to use their password manager of choice well. How many people do you know that if they enabled 2-factor for a given service like an AppleID, would take the time to customize their vault entry to include their 2-factor recovery key?
How many people do you know that understand that they will forfeit their purchases, email, iCloud, etc, forever if they enable 2-factor on their AppleID but then get locked out and don't know their recovery key?
For these reasons, in 2014 I still find it tough to recommend 2F for anyone that I don't know well enough to understand their technical and credential management aptitude. For the other 99%, I just try to get them interested in using a password manager instead.
56 months ago
You know, this would also now be a good time to mention TouchID ......
Its becoming useless with Apple, since the only thing they have it for is for the App and iTunes Store.
For those devices which don't have Touch ID, then app specific password, but Touch ID on Iphone 5s and later is seriously going to waste...
I would say more developers are taking advantage of this unique bio-metric tech, the Apple even is.
I would have thought Apple would be using touch id across everything, including 2 step as an alternative to. But nope.....
If you can authenticate with Touch ID, why would you need 2 step, since its more secure anyway.
Its becoming useless with Apple, since the only thing they have it for is for the App and iTunes Store.
For those devices which don't have Touch ID, then app specific password, but Touch ID on Iphone 5s and later is seriously going to waste...
I would say more developers are taking advantage of this unique bio-metric tech, the Apple even is.
I would have thought Apple would be using touch id across everything, including 2 step as an alternative to. But nope.....
If you can authenticate with Touch ID, why would you need 2 step, since its more secure anyway.
[ Read All Comments ]
For this week's giveaway, we've teamed up with Throwboy to offer MacRumors readers a chance to win a pillow from the Iconic Pillow Collection, which features plush, pillow versions of classic...
Just days ahead of WWDC 2019, freelance graphic designer Álvaro Pabesio has shared a new iOS 13 concept that envisions many features and changes rumored for the software update, including a...
Google has incorporated food ordering features into its mobile apps, allowing iOS and Android users to order food directly from a range of companies without having to install an additional app or...
Following the release of iOS 12.3 on May 13, Apple has stopped signing iOS 12.2, the previous version of iOS that was available to consumers.
iPhone, iPad, and iPod touch owners who have...
Apple's latest Apple Pay promotion includes $1 tacos from Taco Bell when using Apple Pay to pay for an order in the Taco Bell app in the United States.
The new offer, which was...
Spansive, a company developing new wireless charging technology, today announced the launch of the Spansive Source, a multi-phone wireless charging accessory that's designed for families.
...
Back in March, Apple launched the new 10.5-inch iPad Air with Touch ID, a headphone jack, A12 Bionic processor, support for the Apple Pencil, and compatibility with the Smart Keyboard. Today, B&H...
A security researcher found a flaw in Instagram's website that caused thousands of users' email addresses and phone numbers to be exposed online for several weeks, it was revealed on...
