“Apple is finally enabling two-step authentication to help protect users of its iMessages and FaceTime on iPhone, iPad and Mac computers,” Samuel Gibbs writes for The Guardian.
“The security feature adds an extra layer of protection against hackers trying to access users’ accounts,” Gibbs writes. “After logging in with their usual name and password, two-factor asks account holders to use a second security code to verify their messaging and video chat accounts.”
“The login protection was added to Apple’s iTunes and iCloud accounts in March 2013, meaning Apple users who have perviously logged into a Mac, iPhone or iPad with their Apple ID were already protected by the extra security,” Gibbs writes. “Now the same service has been activated for two more of Apple’s services, meaning that if users log out of their FaceTime or iMessage accounts and attempt to log in again, or log in on another machine, they will require a security code to confirm their username and password.”
Read more in the full article here.
Yes. Two step authorization/verification is less secure than two factor verification. However, Apple knows that the vast majority of users *might* implement two step verification and that the vast majority of users *will not* implement true two factor verification. Two step verification is one of those “good enough” implementations for the vast majority of users.
If someone is doing something that truly requires two factor verification, those capabilities exist for iOS devices as well as Mac OS systems — and have existed for several years for Mac OS. You just have to go out and buy them then implement them. However, most people don’t need them.
Could Apple offer true two factor authentication systems as an option — even an additional pay option? Yes. Absolutely.
Does it make sense from a financial, infrastructure and little minimizing risk return for the added security? Except for a very, very small subset of users who need it but don’t already have it, the answer is, “NO!”
Crystal ball:
1. Apple is preparing to transition the serious users to increasing secure methods
2. Users who do not go secure will miss out on expanded features.
3. After some time, the Apple tech support and retail teams will be more up to speed. Then Apple has the choice to go full secure or not.
—————-
Peanut gallery says:
Apple does not want to nurse maid so many people. Apple will try to do the minimum required and not much more.
Did Gibbs really write “perviously”?
That’s disgusting! 😉