Apple Checks Loopholes in its Two Step Verfiication with New Authentication Procedure

By CIOReview | Friday, July 10, 2015

FREMONT, CA: Apple introduced an improved two-factor authentication system in iOS 9 and OS X El Capitan, the new mobile and desktop operating systems, to prevent the risk of getting locked out of Apple device on forgetting Apple ID password. The idea behind two-factor systems is to prevent a hacker from accessing users account if they've managed to get hold of their username and password details.

Two-factor authentication is an additional layer of security for Apple ID that is designed to prevent unauthorized access to Apple services and protect the data stored in the device. It requires users to enter their password and enter specially generated six-digit code sent to their smartphone. But in the previous version of this system, it was not clear that when two-factor login can be used and when users need to generate an app-specific password. It was difficult to know that which app needs a regular password or an app specific password. Without the recovery key, users can find themselves totally locked out of their Apple ID accounts, with no way back in.

The latest two-factor authentication is built directly into iOS 9 and OS X El Capitan and uses different methods to trust devices and deliver verification codes, and offers a more streamlined user experience. The current two-step verification feature will continue to work separately for users who are already enrolled. With this new system, Apple has got rid of the recovery key system in favor of a more streamlined experience. Any device that user logs into can become a "trusted device" that can verify identity as before, but users will be able to use any trusted device to recover their account if a password is lost, a previously verified phone number can be used to receive a SMS message, or Apple's customer support team will be able to help users recover their Apple ID accounts through a recovery process, reports Jordan Golson for TechRepublic.

“Simply provide a verified phone number where you can receive a text message or phone call regarding your account. Apple will review your case and send an automated message to the number you provided when your Apple ID is ready for recovery,” stated Apple on its site.