Today Apple added two-step verification to iCloud, giving users a chance to add tougher security to their Apple ID.
Users can set up two-step verification by going to the Apple ID website and selecting “password and security” from the left side panel. From there Apple will explain how to set up the security feature which involves verifying the user’s devices.
After verifying a device, only users with access to those devices and the user’s Apple ID password can make any changes to the account. Apple also gives users a Recovery Key in case they lose their verified device. Users can use the Recovery Key to make changes to their account if they ever lose or misplace a verified device.
Users need at least one verified device or recovery key and a password, or a verified device and the recovery key to make any changes to their Apple ID account. With the two-step verification it’s harder for hackers to change passwords, wipe devices or make purchases through iTunes or the App Store.
Users who turn on two-step verification will have to input a password sent to their device every time they try to make a purchase in iTunes or App Store or want to make a change to their Apple ID. For most users, that means they’ll only need it when they want to change passwords or when they get a new iOS device or computer.
Two-step verification is a good idea for all users who have a credit card tied to their Apple ID. That’s true for anyone who buys media in iTunes or apps in the App Store. It will help prevent others from potentially getting at their credit card information or address.
Strangely, however, Apple doesn’t yet require two-step verification to access account information through the iTunes desktop app. Presumably the functionality will come in a later update, or Apple just thinks that users will keep their computers and password secure enough without it.