Apple introduced two-factor authentication to its iCloud and Apple ID login today, adding a layer of security that was proven missing after Wired reporter Mat Honan’s iCloud account was broken into last year.
Two-factor authentication makes your accounts more secure because it’s just an added defense between your information and the bad guys. Some forms of two-factor authentication require that you have a separate dongle that flashes different security codes to enter before accessing your account. Others, such as Google Authenticator, generate these codes on an app on your phone, and others like Facebook send a text message with the code.
Apple will be using both the app and SMS versions, providing security codes through texts as well as the FindMyiPhone app.
You can set up two-factor authentication by going to the Apple ID website and clicking on the security tab. From there, Apple will ask you to identify a “trusted device.”
In 2012, we learned how easy it can be to get into an iCloud account when Honan’s digital life was erased in an instant. A hacker by the name of Phobia was able to access Honan’s Amazon account using social engineering. Once in, Phobia grabbed enough information about Honan to convince an Apple customer service representative that he was, in fact, Honan, changing his iCloud password over the phone. Once the password was changed, Phobia was in and remotely wiped Honan’s iPhone, iPad and Mac, all because Honan has a three-letter Twitter handle.
VB's research team is studying mobile user acquisition... Chime in here, and we’ll share the results.