IT security

Apple expands 2FA feature to boost security

Warwick Ashford

Apple has expanded its two-factor authentication (2FA) for iCloud and other services to 48 more countries, bringing the total to 59.

The feature was initially launched in 11 countries, including the UK, to help protect users from hackers trying to access their accounts.

43192_Apple-logo.jpg

Anyone using the feature will be sent a temporary passcode in a text message to their mobile phone to enable them to access any Apple account or service.

This means that even if hackers are able to steal or guess usernames and passwords, they will not be able to access accounts without possessing the mobile phone linked to the account.

2FA also means users will not have to create or remember any security questions.

Hackers will also not be able to use the classic technique of requesting a password reset without possessing the mobile phone that provides the second factor of authentication.

However, users will have to enable this feature because it is not enabled by default.

Once the feature is turned on, the system will allow account changes only with the one-time password (OTP) or verification code sent to the phone.

Users will also be issued with a backup code in case they lose their mobile phone or are unable to receive the OTP because of a lack of coverage.

Countries where the 2FA service is available are listed on the Apple website.

The move to 2FA systems was led by PayPal and Google.

PayPal in the UK introduced the option of 2FA in 2009 in partnership with VeriSign to give users greater protection when making online purchase by using an OTP.

Google introduced a 2FA security feature for Google email accounts in 2011 after it announced two-factor authentication for its Google Apps customers the year before.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy