Two-step authentication enabled for iMessage and FaceTime

Feb 13, 2015 09:39 GMT

Attempting to further strengthen the security of Apple IDs in the wild, Apple this week flipped on a switch to enable two-step verification for messaging and video chatting on iPhones, iPads and Macs.

Two-step verification essentially means that you have to supply a second password to log into an online account that you use.

This second password, typically a short code composed entirely of numbers, is sent back to the user through an additional channel (via SMS or email), and the user is required to take that code and punch it in on the device that they want to authenticate on - in this case, on their iPhone or iPad.
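The server side of the code check described above, as an added sketch (not from the article and not Apple's implementation). A short numeric code only adds security if it is random, short-lived, single-use and guess-limited. The four-digit length, five-minute lifetime, three-attempt limit and all names here are assumptions.

```python
import hmac
import secrets
import time

CODE_DIGITS = 4          # assumed; the article only says "short" and numeric
CODE_TTL_SECONDS = 300   # assumed lifetime of a code
MAX_ATTEMPTS = 3         # assumed guess limit per challenge


class TwoStepChallenge:
    """One pending second-step challenge for one login (hypothetical design)."""

    def __init__(self, now=None):
        now = time.time() if now is None else now
        # secrets draws from the OS CSPRNG; the random module is predictable
        # and must not be used for verification codes.
        self._code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self.expires_at = now + CODE_TTL_SECONDS
        self.attempts_left = MAX_ATTEMPTS
        self.used = False

    def code_for_delivery(self):
        """The code to send over the second channel (SMS or email)."""
        return self._code

    def verify(self, submitted, now=None):
        """Return True only for the right code, in time, within the guess limit."""
        now = time.time() if now is None else now
        if self.used or now > self.expires_at or self.attempts_left <= 0:
            return False
        # Every guess counts. With 4 digits and 3 attempts, a blind guesser
        # succeeds at most 3 times in 10,000 per challenge.
        self.attempts_left -= 1
        # Constant-time comparison avoids leaking how many digits matched.
        ok = hmac.compare_digest(submitted.encode(), self._code.encode())
        if ok:
            self.used = True  # single use: a replayed code is rejected
        return ok
```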

Users who have already enabled two-step authentication on their Macs as part of Apple’s initial rollout of the feature will not be required to take any action. However, whenever a user logs out of their Apple account and logs back in again, the security feature is enforced.

iMessage and FaceTime also benefit from the feature now. The two services are therefore safer to use starting today.

Thwarting Apple ID theft

One of the most common methods of ID theft involves phishing emails: fake messages that pose as notices from the vendor and ask the user to input their credentials.

Users who don’t detect the nature of the bogus email are tricked into entering their information, essentially handing it over in plain text to whoever is behind the phishing scam. A lot of Apple IDs have been stolen this way, with the cybercriminals using the victims’ credit card information for nefarious purposes, or even leaking their identities and associated photos and messages online.

Two-step authentication ensures that even if hackers can obtain your password, they still need that additional code that only you can receive on your phone or another email account. It’s not bulletproof, but it’s certainly better than not having this additional layer of security at all.

Security researchers say that multi-factor authentication is ideal, because it involves a secondary service or device that only the real user has access to.