The next time you use your Apple ID to buy something from the App Store or sign into iCloud storage, think what would happen if the wrong person got your password. That’s a scary scenario, but you can secure your Apple account with two-factor authentication (2FA).
Launched with iOS 9 in 2015 as an upgrade to the two-step verification Apple introduced in 2013, 2FA requires you to sign into your Apple account using your password and a numeric verification code generated on the fly. You receive your verification code via text message or phone call on an authenticated mobile device.
The process creates a trusted relationship between an Apple device and your Apple ID. Even if your password is stolen or compromised, anyone who tried to access your account would be unable to sign in without also knowing and authorizing the code sent to your mobile device.
You can set up 2FA on an iPhone, iPad, and iPod touch running iOS 9 or higher and on a Mac with OS X El Capitan or later. Before you set this up, be warned that there is no longer a way to disable 2FA after you set it up. Apple cited the need for stronger security measures as the reason. Let’s go through the steps.
Turn On 2FA Authentication for iOS
First, let’s try the setup on an iPhone, iPad, or iPod touch. Open Settings on your iOS device. Tap your name on the top of the screen if it’s not already highlighted. If you haven’t set up 2FA, you’ll likely get a nudge from Apple reminding you to do so. To trigger this nudge, tap the setting for Apple ID Suggestions.
At the section with the option to Turn On Two-Factor Authentication, tap the link to Turn On. The Apple ID Security message explains how 2FA works. Tap Continue.
Alternatively, if you don’t see Two-Factor Authentication under Apple ID Suggestions, tap the entry for Password & Security. Tap the link to Turn on Two-Factor Authentication.
At this point, whether you went through the Apple ID Suggestions screen or the Password & Security screen, a Verification Required message pops up. Tap Continue.
Answer the security questions you established when you first created your Apple account. If you haven’t already added a phone number that can be used to identify your account, enter it at the next screen. Then choose whether you want to be verified via text message or phone call.
Enter the verification code sent to your phone, then enter your Apple account password and sign in. If requested it, enter the passcode for your iOS device.
To confirm that 2FA has been enabled, go back to your name at the top of the Settings screen. Tap the entry for Password & Security. Two-Factor Authentication should be set to On, with your trusted phone number listed.
Turn On Two-Factor Authentication for Mac
Now, let’s try setting it up on a Mac. You can enable and set up 2FA this way as long as your Mac is running OS X El Capitan or later. Go to System Preferences > iCloud > Account Details > Security.
From here, click the button to Turn On Two-Factor Authentication. At the message to Set up Two-Factor Authentication, click Continue.
You will need to answer your security questions and enter a phone number that can be used to identify your account if you haven’t already done so. Choose the verification method—text message or phone call. Click Continue.
Enter the verification code sent to your mobile device, then click Continue. Two-factor authentication should now be enabled with the Security screen showing that it’s on, then click Done.
Test Two-Factor Authentication
Now, let’s try this in action. Fire up a browser and go to your Apple ID account page. Enter your email address and password. Click the Arrow button to sign in.
Your iOS device should then flash a message telling you that your Apple ID is being used in a certain location. (Don’t worry if the location isn’t near you; it’s determined more by IP address and network factors than physical locale). Click Allow and a six-digit numerical verification code will pop up. Enter that code into the appropriate field to sign in.
Change Trusted Device
You can’t turn off 2FA, but you can make certain changes. If you need to add or replace a phone number, you can do that through your mobile device or through your online Apple ID page.
On your mobile device, go to Settings. Tap your name at the top of the screen and select Password & Security. Tap the Edit link next to Trusted Phone Number. Tap the link to Add a Trusted Phone Number.
Enter the passcode for your device, then tap Done. Enter the new number. Choose the verification method—Text Message or Phone Call—then tap Send. Confirm the verification code for the new number.
To remove the original number, tap Edit, which is adjacent to Trusted Phone Numbers. Tap the red icon for the number you want to remove. Tap Delete, then tap Remove.
To add or modify a phone number at your Apple ID account page, sign into the page. Click the Edit button in the Security section.
Click the link to Add a Trusted Phone Number. Type the new number and choose Text Message or Phone Call. Click Continue. Enter the verification code from your mobile device. Click Verify.
To remove a number while in Edit mode, click the X next to it and then click the Remove button.