Apple Introduces New ‘Two-Factor Authentication’ For iOS 9, OS X El Capitan
Apple yesterday released iOS 9 beta 3 to registered developers as part of the operating system’s roadmap to an eventual public release this fall. In addition to the usual bug fixes, stability improvements, and continued progress, the company also introduced a new two-factor authentication mechanism that attempts to improve the current security system for Apple IDs.
The new two-factor authentication is described by Apple as “an additional layer of security for your Apple ID that is designed to prevent unauthorized access to your account and protect photos, documents, and other data that you store with Apple.” It’s essentially a mechanism that is designed to afford the highest level of protection possible to your Apple ID and is now built directly into iOS 9 and OS X El Capitan in place of Apple’s current “two-step verification“ feature that has historically been used to provide protection to account holders.
So what’s new? Well, the system that will ship with iOS 9 and OS X 10.11 El Capitan uses a set of new methods to trust devices and ultimately deliver verification codes that are used to confirm the identity of the Apple ID owner. Whenever a user signs in on a new device using an Apple ID, for example when upgrading to a new iPhone or purchasing the latest MacBook or iPad, they will verify their identity with a password and accompanying six-digit verification code. The required verification code will be automatically displayed on any iOS 9 or El Capitan device that is currently active using the same Apple ID.
Once signed in using the password and the verification code that device is then considered to be a “trusted” one and won’t be subject to the same process again unless it is wiped clean or removed from the trusted list that will be available to view directly on device through Settings > iCloud > Account. This new two-factor authentication system, while undoubtedly designed to offer maximum protection and streamline the current system, does come with a certain level of implied responsibility for the user, such as remembering the master password and keeping trusted phone numbers up to date.
In this whole process, Apple has seen it fit to remove the Recovery Key system altogether, making sure that users do not lose access to their Apple IDs in any unforeseen event in this new system. Despite being a failsafe method, losing the Recovery Key currently means permanently losing access to your Apple ID. Apple doesn’t want this to happen in the new system.
The complete support document on Apple’s website explaining the new two-factor authentication is as follows:
Apple’s new two-factor authentication system will roll out this fall with the public release of iOS 9 and OS X El Capitan but until then the existing two-factor verification process remains the best option for standard users.