Security Keys are here to keep Apple ID accounts secure with a physical, two-factor authentication device roughly a month after the capabilities were announced by Apple in December 2022. After spending years toying with the idea of securing Apple ID accounts to levels that were previously unheard of, the company took the leap late last year. It showcased Advanced Data Protection for iCloud, an opt-in feature that would protect nearly all iCloud data with end-to-end encryption. iMessage Contact Key Verification also provided peace of mind that a user is conversing with the person they expect. Lastly, Apple teased the ability to secure Apple ID accounts with a physical, hardware Security Key.
SCREENRANT VIDEO OF THE DAY
Security Keys are supported as of iOS 16.3, which was released on Jan. 23. They are small external devices that are used as a two-factor authentication method, and function similarly to keycard and USB storage devices. Just as a user might swipe their card to enter a building or enter a drive to access certain data, a physical Security Key can authorize a login to an Apple ID account. Apple says that over 95 percent of active iCloud accounts utilize two-factor authentication, but current methods are not nearly as strong as a Security Key used with iOS 16.3.
Related: iCloud Backups Are Now End-To-End Encrypted: Why It Matters
What You Need To Get Started With Security Keys
Most Apple ID accounts secured with two-factor authentication utilize a six-digit code sent to a phone number or a user's other devices. That's great for most people, but Security Keys are an optional security measure for privacy-conscious users. It's also meant for people who might be specifically targeted by phishing scams, like Lockdown Mode for iOS 16.
Security Keys must be certified by the FIDO Alliance in order to work with iOS 16.3, and Apple recommends devices from Yubico. Hardware security keys can connect to Apple devices via near-field communication (NFC), USB-C, Lightning, or USB-A. However, it's important to pick the connection method that will work with the devices a user owns. At least two keys must be used to set up the feature, with a maximum of six keys.
Start by navigating to Settings > User's Name > Password & Security. Then, tap "Add Security Keys" and follow the on-screen prompts to add the physical hardware key of a user's choice. After the keys are added, users will be asked to review the devices currently signed in to their Apple ID and sign out of any devices that shouldn't have access to the account. Once the process is finished, the Security Key will be needed to complete a new Apple ID login attempt.
Physical keys are more secure than other two-factor authentication methods, but they come with risk. If a user loses access to their trusted devices or their security keys, they could be locked out of their Apple account permanently.
