Two-factor authentication enabled automatically?

[bluedoggiant]

Hi, I am on iOS 8 and had a question about the new two-factor authentication on iOS 9 with the location feature.

As soon as you upgrade to iOS 9, is two factor authentication enabled automatically making you approve other devices accordingly?

Or is it an opt in feature that you can choose to opt in to after you upgrade?

Please advise.
Thanks.

 

[batting1000]

Hi, I am on iOS 8 and had a question about the new two-factor authentication on iOS 9 with the location feature.

As soon as you upgrade to iOS 9, is two factor authentication enabled automatically making you approve other devices accordingly?

Or is it an opt in feature that you can choose to opt in to after you upgrade?

Please advise.
Thanks.

You opt into it. It hasn't automatically enabled on any of the betas for me yet.

 

[bushido]

good cuz my family cant even remember a freaking Apple ID password. "what is that? my gmail password?" i doubt they would ever understand this lol

 

[Squid7085]

good cuz my family cant even remember a freaking Apple ID password. "what is that? my gmail password?" i doubt they would ever understand this lol

Honestly, and as a person very big in to security I hate to say this, but that is a bigger reason to have it activated. For my parents I set it up, and that way they can (shouldn't but can) be a little more secure using the password they use for "everything." I just hold on to the recovery keys for them incase something happens. Apple has implemented it very well, and is easily one of the simplest to understand implementations of 2-factor.

They insist on using "One Password for everything" so I am doing all I can to help them be a little more secure.

 

[bluedoggiant]

You opt into it. It hasn't automatically enabled on any of the betas for me yet.

Cool. I had heard from others that it was automatically enabled.

 

[IHelpId10t5]

good cuz my family cant even remember a freaking Apple ID password. "what is that? my gmail password?" i doubt they would ever understand this lol

That's exactly the problem with current 2FA. For the vast majority of users, the probability of them locking themselves out of their accounts far exceeds the probability of someone else accessing their account. For this reason I find it hard to responsibly recommend that my clients enable 2FA unless I know that the specific user is a very organized person that understands the importance of maintaining their recovery keys, etc.

2FA is great for those that understand it and can make safe and effective use of it. For everyone else, the best thing that could ever happen to improve security would be for service providers to create mandated, strong, random passwords for users with no ability to choose their own password. In this way they would not be able to reuse passwords and would quickly realize the need and importance of a password manager.