Apple has added two-step verification to Apple ID and iCloud accounts, icing its password-protected cake with an extra layer of security.
If you opt in to the new security measures, you'll need to enter both your password and special four-digit verification code before you can log in to iCloud or purchase apps from a new device.
That code will be sent to a trusted device that can receive Find My iPhone notifications or text messages.
The system makes it tougher for people to sign into your Apple account remotely. Without two-step verification, anyone who has access to your email address and password could sign in from another computer, buy apps and even wipe your devices remotely.
When you sign up, you'll be sent a 14-digit recovery code to deploy if you lose your device or forget your password, check out Apple's Support page more more detail.
The two-step process isn't entirely bulletproof however, as if you own an iPhone, you're likely to make it your trusted device. If anyone made off with your mobile and knew your password, they could be sent the precious four-digit code and sign in to iCloud online.
It would stop any old so-and-so from remotely logging in to your account online however, or logging in on another iPad or iPhone and downloading loads of pricey apps.
Facebook and Gmail both already offer SMS-based two-step verification. Twitter notably doesn't, making micro-blogging profiles easier to hack, as happened to the BBC Weather Twitter profile yesterday.
Will you enable the two-step verification system? Or do you feel secure enough already? Let me know in the comments or on our Facebook wall.
Android App 
RSS Feeds 
iPhone App 
Newsletters 
Comments 6
Add your comment
anonymous 22 March, 2013 12:18
About time. Every company that stores your credit card details should have this feature.
shauney3 22 March, 2013 14:29
Yeah Google has had this for about a year now. Facebook recently took it up, and hopefully more companies will follow.
anonymous 23 March, 2013 15:17
To be honest I don't like two step verification on Google. When you do a factory reset it's a nightmare to get your account back onto your Android device with two step verification; unless I'm missing something you have to turn it off via a computer then turn it back on when you've got your account set up. Very annoying.
anonymous 23 March, 2013 22:56
In more news that is unlikely to make it into a CNET UK article... Apple pulls iForget service after security floor is discovered:
http://www.theregister.co.uk/2013/03/23/apple_iforget_password_flaw/
I know the US CNET has covered the 3 security bugs found in iOS in the last month. But why has CNET UK not covered the discovery of ANYof them? But has covered a similar bug on Samsung with no reference to the iOS bug even though other tech sites picked up the obvoius similarity? The only coverage CNET UK has provided was over this fix.
It seems odd to me.
Jamie Ingram 24 March, 2013 14:28
2 step verification! Total waste of time, its just another password to have to remember which makes it even more likely that people will write them down. Just use a decent alphanumeric password and don't write it down nice, simple, secure.
dougmet 25 March, 2013 09:57
@Jamie: Two-step isn't an extra password. It's an extra thing you have to have to sign in, like a phone, or in the case of banks one of those card reader things.