AAPL Stock: 117.81 ( -0.22 )

Printed from

Apple now offering two-step verification for iCloud login

updated 07:00 pm EDT, Mon June 30, 2014

Four-digit passcode identifies device on top of user credentials

Apple is either testing or in the process of rolling out two-step verification for its portal, optionally allowing users who want to use the two-factor authentication to enter a random four-digit passcode on their device in order to add it to a list of "trusted" devices. The option is not yet available to Apple ID accounts that have previously set the preference for using two-step verification, but improves security over the default "Apple ID password only" method.

iCloud portal when two-step verification is required
iCloud portal when two-step verification is required

For those unfamiliar with two-factor authentication, it adds one extra step of verification if a device accesses a site that requires it. In addition to having the login and password information, the user must also verify a four-digit random code, which can be texted or sent to a different device. The user enters the four-digit code on the original machine seeking access, and the device gains "trusted" status that won't require re-verification under normal circumstances.

Apple began implementing the option in order to protect Apple ID users over a year ago, and has since expanded the program across Europe, Canada, the UK, Ireland, Australia and New Zealand. The "Find My iPhone" portion of the site (and its companion apps) are deliberately excluded from using two-factor authentication so that owners can track and recover missing or stolen "trusted" devices.

At present, the two-step verification appears to work inconsistently, reports AppleInsider. In some cases, re-verification of the secondary code was required each time the user logged in, in other cases it wasn't. Users can set up the extra security measure by turning on the option at MyAppleID.

by MacNN Staff



  1. donaldkepler

    Junior Member

    Joined: 04-07-14

    Great News !

    Although, a great idea for important data privacy; but the authentication task for 'trusted devices authentication' will be cumbersome?

  1. Charles Martin

    MacNN Editor

    Joined: 08-04-01

    It's pretty easy, really: the site sends a code to a pre-registered device (say, a cell phone) and the user enters the four-digit code from the cell phone into the site to verify. That's it.

  1. donaldkepler

    Junior Member

    Joined: 04-07-14

    Maintaining and keeping privacy of that database of all trusted devices will also be easiest ?... :--

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented