Is enable two-step verification for Apple ID important?

[deany]

Talk Talks UK 4,000,000 customers just hit by major security breach.

Info compromised: names, addresses, dates of birth, phone numbers, email addresses, TalkTalk account information, credit card details and/or bank details.

Does the two step verification for apple ID cause any major hassle when buying apps keychain etc?

I also use msecure app as I think the main problem is same/similar weak passwords. msecure generates passwords for you.

just want to protect my apple stuff etc

thanks

 

[Menel]

You should use two factor auth any time financial information needs to be protected. So yes.

 

[WarcraftWidow]

I use two-factor auth on any website that offers it.

 

[deany]

You should use two factor auth any time financial information needs to be protected. So yes.

thanks for your reply, so I just enable it via:

https://support.apple.com/en-gb/HT204152

and won't experience 'head aches' when buying stuff / logging in to keychain etc

just getting a bit paranoid of data theft.

cheers

 

[LordQ]

thanks for your reply, so I just enable it via:

https://support.apple.com/en-gb/HT204152

and won't experience 'head aches' when buying stuff / logging in to keychain etc

just getting a bit paranoid of data theft.

cheers

No experience here on two-step verification with Apple ID, but I use it with Outlook and the only pain is to enter your phone number to get the verification code. Not sure if the same happens with Apple, but an extra layer of security is always welcome.

 

[deany]

No experience here on two-step verification with Apple ID, but I use it with Outlook and the only pain is to enter your phone number to get the verification code. Not sure if the same happens with Apple, but an extra layer of security is always welcome.

thanks for your reply

anyone with iOS or OS X El Cap using safari have experience with two-step verification for Apple ID, enabled, in a typical day?

 

[0000757]

thanks for your reply

anyone with iOS or OS X El Cap using safari have experience with two-step verification for Apple ID, enabled, in a typical day?

I mean, it's the same as two-step authorization with any other service. The only time I ever have to get a code is if I go to iCloud.com (which I almost never do).

 

[deany]

I mean, it's the same as two-step authorization with any other service. The only time I ever have to get a code is if I go to iCloud.com (which I almost never do).

thanks for your reply.

So its 100% worth it, in fact everyone should enable it?

 

[WarcraftWidow]

thanks for your reply.

So its 100% worth it, in fact everyone should enable it?

Everyone should do it. On a regular day the only time I deal with it is a new browser/new computer. When you set up a new device, then you need it.

 

[EdgardasB]

Lithuania, Latvia, Estonia and etc still can't use this feature... ^^

 

[deany]

Everyone should do it. On a regular day the only time I deal with it is a new browser/new computer. When you set up a new device, then you need it.

Okay, thanks, have setup 'reminder 'to get this enabled ASAP

 

[deany]

Lithuania, Latvia, Estonia and etc still can't use this feature... ^^

thats not good by the sound of it. I would complain to apple.

 

[0000757]

thanks for your reply.

So its 100% worth it, in fact everyone should enable it?

I do it on anything that has my credit card information attached to it, or anything that I think might have very sensitive data.

 

[kingdom23]

Lithuania, Latvia, Estonia and etc still can't use this feature... ^^

Not available for me yet either!

 

[EdgardasB]

thats not good by the sound of it. I would complain to apple.

I have complained to Apple for years, also to carrier which is official Apple carrier, no reaction :/ But what is interesting, iCloud keychain sms verification works for my country...

 

[lemimouth]

I enabled 2 steps auth a while back, but suddenly 2 weeks ago iTunes and App Store on my Mac (El Cap) wouldn't accept my password ("unknown error"). Had to disable it

 

[deany]

Just read Talk Talks customer data was not encrypted.

I'm sorry this is the 3rd attack on the company in 12 months and not to encrypt 4,000,000 customers data is a _disgrace_

UNACCEPTABLE.

The CEO 'smoothing it over' at around 00:48 seconds is also a disgrace.
http://www.bbc.co.uk/news/uk-34615226

Even my msecure data is '256 blowfish encrypted' & it cost a few quit years ago from the app store.

256 Blowfish:
As a public domain cipher, Blowfish has been subject to a significant amount of cryptanalysis, and full Blowfish encryption has never been broken.
....Well apart from gchq, nsa and Alan Turing they are excuded from this!

 

[zorinlynx]

Two step Apple ID was a pain at first, but they've done a lot lately to fix it.

For a while you needed to generate app-specific passwords on OS X for things like FaceTime. This has thankfully been fixed in El Capitan.

Once a device is remembered it doesn't ask you to verify again unless something changes.

I recommend it. A lot of information is tied up in our Apple IDs, and it is good to have more protection than just a password. One example is iCloud Photo Library; if someone signs into your account they could see and manipulate your photo library. Not fun!

 

[deany]

Two step Apple ID was a pain at first, but they've done a lot lately to fix it.

For a while you needed to generate app-specific passwords on OS X for things like FaceTime. This has thankfully been fixed in El Capitan.

Once a device is remembered it doesn't ask you to verify again unless something changes.

I recommend it. A lot of information is tied up in our Apple IDs, and it is good to have more protection than just a password. One example is iCloud Photo Library; if someone signs into your account they could see and manipulate your photo library. Not fun!

thanks for that, much appreciated its a 'no brainer', everyone should enable it then.

 

[uhaas]

Set it up. It's only a hassle for about 30 minutes, until you get your other devices up and running with it. It's worth it.

Then, go set it up on Microsoft, Google, LinkedIn, Amazon, Facebook, Twitter ....

It won't stop hackers from stealing your passwords from other places on the 'net, but it can help limit the damage if they do.

 

[windmill83]

In iOS 9 two-step verification is being replaced by a new service called two-factor authentication (two-step verification will continue to work if you want to keep it). My question is if you are already enrolled in the old two-step verification service, how do you upgrade to the new two-factor authentication service? Do you have to turn off the old two-step verification before upgrading?

 

[deany]

good question

 

[uhaas]

I totally missed your question the first time.

Two-factor authentication:
https://support.apple.com/en-us/HT204915
(See the FAQs at the bottom.)

Two-step verification:
https://support.apple.com/en-us/HT204152

I'm using verification. It's not evident how to change, but one thing that goes away is the recovery key. It also looks like app passwords go away. Make sure you upgrade to iCloud Drive v5 if your using Windows.

From https://developer.apple.com/support/two-factor-authentication/: (May need a Dev account)
Can I enroll in two-factor authentication if I am already using two-step verification?
If you are already using two-step verification, we do not recommend attempting to enroll in two-factor authentication until the feature is offered to everyone.

More articles:
https://www.macrumors.com/2015/07/08/ios-9-el-capitan-two-factor-authentication/

 

[deany]

Thanks for the info.

I get 'Two-Factor Authentication not available for your Apple ID at this time'

I live in the UK am on ios 9 and have been with apple for about 8 years.
Will try if it works on El Cap later.

Maybe country specific.

If it doesn't work I'll try the 'two step' (sound like a dance!)

 

[Liam Steven]

I use two-factor auth on any website that offers it.

Other than any banks what websites use the equivelant two factor authentication?