Although I am not a fan of Apple, I give the company a major shout out today for its efforts to bump up its security efforts. It has added two-factor authentication to its Apple ID, which adds an extra layer of security to those accessing iTunes or the App Store.
According to ZDNet, the two-step verification will work this way:
Once enabled, a 4-digit code is sent via SMS, or the Find My iPhone app when a user successfully signs in with their Apple ID username and password on the My Apple ID website, or when making an iTunes, App Store, or iBookstore purchase from a new device. Users are given a 14-digit recovery code to use if they ever forget their password or lose access to their authorised devices.
Gone is the need to ask security questions to verify identity. That in itself is a positive security move, since security questions have become a risky form of identity verification, thanks largely to social media.
Two-factor authentication has been gaining a lot of popularity lately, as more companies are seeing that the old simple password system is leading to too many hacks and leaving customers vulnerable to attacks. I’m not saying that Apple is coming into the two-factor game late – the idea really is just picking up steam for mainstream applications – but considering that Apple has been a trailblazer in so many areas of technology, the company has been slow to adopt better security. Even this new security measure has a drawback: It isn’t the default. According to Kaspersky Lab’s ThreatPost:
The new Apple two-factor system is not enabled by default and users have to go into their Apple ID account settings and turn the feature on under the Password and Security option.
But it is a good step forward. And Apple really does need to step up its security game across all of its platforms. As the popularity of the Apple platform continues to grow, Mac OS and iOS are becoming a more frequent target of malware attacks.
Still, one step at a time. Or in this case, a two step.