Transition to iOS 11 or MacOS High Sierra will mean all iCloud users use two-factor authentication, a security feature that requires a code from a trusted device when signing in on a new device.
Two-factor authentication when logging into Apple ID on a new device (or a device that is not used for this by default) is intended to prevent potential hackers and thieves from accessing someone else's account even if they know the password. Logging in requires a second code, which is generated once and will be displayed on one of the devices that is already associated with the given Apple ID.
When logging in, this device also displays a map section with the approximate location of the "new" device that wants to log in to the Apple ID, so you can immediately see if someone is trying to hack into your account, if access is requested from, for example, another city or Earth.
In the Czech Republic, Apple launched two-factor authentication February last year and so far users of its products have only been advised to switch to it for better security. But now it has started users with active two-step verification (an older version with a similar principle) to send emails informing that the use of certain iCloud features in iOS 11 and macOS High Sierra will require two-factor authentication and users will be automatically switched to them.
More about two-factor authentication can also be found on the Apple website.
Starting in mid-June, third-party apps will require specific passwords to access iCloud https://t.co/RvAUOABAo0 pic.twitter.com/sbP1UWomkf
— Jablíčkář.cz (@Jablickar) May 16, 2017
First step the transition of virtually all users of Apple products to two-factor authentication Apple ID will take place this Thursday, June 15. From then on, all third-party apps that want to use iCloud will have to use this security feature - a specific password.
You write that this security feature requires 2 devices. Then it couldn't be mandatory. Or did I not understand something? (I feel like I've seen this even with users who only had one device.)
You're right, we've edited the text a bit. You don't need two devices. But if you have one iPhone and turn on two-factor authentication on it, you'll always need it when you sign in on a second, new device.
What if I lose that iPhone and buy a new one?
Restore from iCloud backup and you're good to go.
Or SMS, which is why Apple also recommends adding another trusted phone, for example a family member.
Then the two-factor authentication wouldn't work, right? I can't connect the unknown phone to my iCloud account.
This is something that bothers me a bit. It often happens that my phone is far away and I have a computer at home, so I go to iCloud to look at some mail and lo and behold, I have to get up and go to the phone and type in the code that came to it, but I can now look at the mail directly on it . And so I always leave iCloud disappointed :( I don't see a reason to go to iCloud anymore since there is two-factor authentication.
Hello, you only need to do it once and after verification you will check the remember this browser option. In that case, you can only log in to iCloud.
Hi, thanks for the reminder. That's just the fact that if I'm on my computer, I don't need to go to iCloud, if I'm on another computer, I won't be able to remember this browser. It's about the fact that when I don't have my device with me and I need to find something out, I can't get to iCloud, and if I have my device with me I don't need to get there. I don't know why other users go to iCloud, but probably for a different reason than me.
I understand clearly. I use icloud on one work windows. When it's a foreign computer, that's understandable. I thought they were yours
Exactly - here the whole famous two-factor authentication just throws sticks under our feet. They didn't think this through at all.
I don't understand this upside-down bullshit... Why does it work almost the same as two-phase? The two-factor was supposed to work in such a way that it would only be enough to tap it, as it is now modern and fully functional, whether with Blizzard, internet banking, etc... Why do I have to rewrite something like an idiot when it's all online?
Where on earth did Apple screw this up? User friendly systems? Not for a long time, at least for the last 5 years :-/ Sad…
I see I'm not the only one unhappy with this crap. Classic password and security questions - that was quite an easy and understandable solution. Now one still needs some device with one's person. In addition, the functionality with the map is absolutely useless - it has no problem showing a location hundreds of kilometers away. And the top of it all is the situation when I want to connect somewhere on a device, a request for a code pops up on it, but at the same time the code arrives on the same device - all security at that moment is in pr****. :D
I'm all for it, it just bothers me how sometimes it doesn't quite work for them:
I log in to icloud.com, for example, where it sends me a message saying: "Enter the code displayed on one of your devices", but sometimes the modal with the code doesn't pop up on my phone. Sometimes it happened to me that it just flashed. Logging in is then quite fun.
Probably your fault, I haven't had the slightest problem with it yet...
I see,
I really like these comments :)
Everywhere it says in supported devices also Apple Watch and watchOS 2 or higher, but at the same time in the information it says to me that although AW are trusted devices, they cannot receive codes.
Otherwise, I use two-factor authentication for all important accounts, where unauthorized hacking would cause major problems or direct financial loss, and the solution from Apple seems to me to be the best at the moment. Google Authenticator is also fine, but if I change the phone or do a factory reset (including restoring from a backup), the saved servers are useless and I have to set them up again... I just log in to iCloud with Apple and confirm it somewhere else.
And even though it may seem like a rant, I know users who have the password "password1234" and similar tidbits for their bank account, so some people need to be forced into higher security.
I came across an incredible trick - a friend activated a deleted phone after a complaint ("smartly" we postponed it until I got to the chat) and when logging in Apple ID wanted to verify it. Of course, we didn't have any other equipment except at the cottage. We also hesitated to send SMS, because if you do not have your phone activated, it is difficult to read the SMS. We tried to select this option and the iPhone found the code somewhere in the background on a white screen and filled it in. I was really surprised that they thought of this
If you don't unlock the SIM with a PIN, nothing can reach you.
Yes, but that's before you get to the apps
Friends, what Apple is demonstrating is security paranoia. And it can't be cured, it blocked all my emails and I had to generate new passwords.