Security

Apple toughens iCloud backup security

Two weeks after breach of celebrity iCloud accounts, Apple makes good on CEO Tim Cook's promises to strengthen security.

apple-icloud-two-factor.png
Apple's iCloud now has better two-factor authentication support. Screenshot by Nick Statt/CNET

Apple is beefing up iCloud's security following promises by CEO Tim Cook to take stronger measures in the aftermath of the high-profile breaching of accounts belonging to celebrities who use the service.

Apple quietly reactivated two-factor authentication for iCloud on Tuesday, according to MacRumors.com, after the feature was initially tested but then disabled in June.

Two-factor authentication offers another layer of security. It works by requiring users to prove their identity by entering a second form of authentication in addition to a password to access accounts. Many online services, including Google, Twitter and Facebook, will text your phone a randomly generated four-digit code as your second factor every time you try to log in. Then you enter the code to get into your account.

Since March 2013, Apple has had two-factor authentication for its Apple ID account, which is used to make purchases from iTunes and the App Store and make changes to account details. Apple has pledged to increase awareness of two-factor authentication.

The two-factor authentication requires users who log in to iCloud.com to enter in a onetime code sent to their iOS device before being allowed to access the site. An email follows the login attempt, providing an extra notification that iCloud has been accessed. One exception is the Find My Phone service, which can be reached with only your Apple ID credentials, because if your phone is missing, you won't be able to get the second, randomly generated login.