IT House News on January 25, Apple shared a support document this week detailing its new Apple ID security key feature, which is available starting with iOS 16.3, iPadOS 16.3, and macOS 13.2. This document provides an overview of the new Security Key feature and explains how to use it.
Apple says the optional security features are designed for individuals who want “additional protection against targeted attacks like phishing or social scams.” When enabled, logging into an Apple ID requires entering a user’s account password and then using a FIDO-certified security key to complete two-factor authentication instead of a traditional six-digit verification code from another Apple device.
Those who enable this feature must be very careful not to lose their security key as this could result in a permanent loss of access to their Apple ID account. Therefore, users must set up at least two security keys, and a total of up to six is supported.
Apple recommends keeping Security Keys in multiple locations. For example, hiding a security key somewhere in your home can be a backup solution.
“Keep your security key in a safe place, and consider keeping your security key in multiple places,” the document says. “For example, one key at home and one key at work. If you’re traveling, you might want to leave a security key at home.”
IT House learned that to enable the Apple ID security key on an iPhone or iPad, open the “Settings” app, tap the user’s name, tap “Password & Security,” select “Add Security Key,” and follow the steps below: Follow the on-screen instructions. On a Mac, open the System Settings application, click your name, click Password & Security, click Add next to Security Key, and follow the steps.
Users can delete security keys at any time by repeating the steps above and tapping or clicking “Delete All Security Keys,” at which point the user’s Apple ID will revert to using six-digit verification codes for two-factor authentication.
Many security keys look like USB sticks, and some options work wirelessly via NFC, while others feature Lightning, USB-C, or USB-A ports for direct connection to iPhones, iPads, and Macs. Apple recommends some security keys in its documentation, such as the YubiKey 5Ci, which has both Lightning and USB-C.
Apple’s documentation provides some other important details, so it’s worth checking out before enabling the feature. For example, users can’t sign in to iCloud for Windows when the feature is enabled, and some types of Apple ID accounts aren’t supported.