Two-factor authentication is an extra layer of security for your Apple ID designed to ensure that you're the only person who can access your account, even if someone knows your password. It’s a useful feature — and one that’s necessary if you plan to use your Apple Watch to automatically unlock your Mac.
However, there’s a difference between two-factor authentication and two-step verification, which we looked at yesterday. It’s one of those things that Apple has made needlessly confusing.
Two-step verification protects access to certain activities with users’ Apple ID since 2013. This method introduces an extra verification step in addition to the password. Apple views two-factor authentication (first released in 2015 with iOS 9) as an improvement over the previously used two-step verification. The new and improved security method is built directly into iOS 9 and OS X El Capitan, and cannot be used on devices running older versions of iOS.
Two-factor authentication is available to iCloud users with at least one device that's using iOS 9 or OS X El Capitan or later. You can follow the steps below to turn on two-factor authentication.
On your iPhone, iPad, or iPod touch with iOS 9 or later:
- Go to Settings > iCloud > tap your Apple ID.
- Tap Password & Security.
- Tap Turn on Two-Factor Authentication.
On your Mac with OS X El Capitan or later:
- Go to Apple () menu > System Preferences > iCloud > Account Details.
- Click Security.
- Click Turn on Two-Factor Authentication.
After you turn it on, signing into your account will require both your password and access to your trusted devices or trusted phone number. To keep your account as secure as possible and help ensure you never lose access, there are a few simple guidelines you should follow:
- Remember your Apple ID password.
- Use a device passcode on all your devices.
- Keep your trusted phone number(s) up to date.
- Keep your trusted devices physically secure.