In an effort to improve security for its cloud-based services, Apple is adding two-factor authentication to Apple ID and iCloud accounts. Apple customers have the option of turning on the feature, which will require them to verify their identities every time they use a new device.
Tim Bradshaw with The Financial Times reported, "Apple has beefed up its customers’ online security by adding an optional extra password, generated by an app, to protect its Apple ID and iCloud accounts."
USA Today's Brett Molina explained, "Two-step verification requires users to type in a special code, often sent via text message, to verify an account before making purchases or accessing services. In the case of Apple ID, users start by registering a trusted device to receive the code. Whenever a purchase is made from a new device -- computer, smartphone or tablet -- using your Apple ID, the company sends a random four-digit code users must add to complete the transaction."
Sean Michael Kerner with eSecurity Planet noted, "The move to a two-step verification scheme will also put the onus of responsibility for password protection on users, not Apple. 'Apple Support cannot reset your password on your behalf,' Apple stated. 'To reset your password, you must have your Recovery Key and access to at least one of your trusted devices.'"
Mashable's Emily Price observed, "The extra level of security makes it more difficult for hackers to gain access to your account. Should your password fall into the wrong hands, it's a roadblock preventing that person from signing in and accessing your data. iCloud’s security came into question last year when hackers gained access to a Wired reporter’s account and remotely wiped his iPhone, iPad, and MacBook Air in a matter of minutes. In that particular instance, Apple tech support gave the hacker access to the reporter’s account. Apple has since adjusted security measures to prevent a similar situation from happening again."