Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple to remove Recovery Key from iOS 9, OS X 10.11 two-factor authentication process

Apple on Wednesday confirmed that the removal of a pesky Recovery Key security mechanism will be one of the changes coming to its two-factor authentication solution when iOS 9 and OS X 10.11 El Capitan are released this fall.

Currently, the Recovery Key system in Apple's "two-step" protocol works as a failsafe for accessing an Apple ID when registered trusted device or phone number is unavailable. Under the existing setup, losing both a trusted device and Recovery Key renders the account inaccessible, which has in the past forced some users to abandon their Apple IDs altogether.

With higher level integration in iOS 9 and El Capitan, Apple's new method, now referred to as "two-factor," does away with 14-character Recovery Keys, to be replaced by a live customer support recovery process, an Apple spokesperson confirmed to MacWorld. The feature removal is just one modification Apple plans to apply when two-factor authentication rolls out later this year.

Other security enhancements were revealed in a support document published today, including longer six-digit verification codes and more intuitive authentication alerts that work across iOS and OS X platforms. For example, when users sign in to their Apple ID on a new device — or browser in the case of iCloud — with a password, a verification code is automatically pushed to all trusted devices. Text message and phone call verifications to trusted numbers will also remain available.

Because the system is built in to iOS 9 and El Capitan, devices running older iOS and OS X versions will not display the new six-digit verification codes. Once a user enables the new two-factor protocol, attempting to access an Apple ID using an iOS 8 device, for example, will send the six-digit code only to compatible devices. In lieu of a dedicated code entry mechanism, users might be prompted to log in again and append the six-digit number to the end of their password.

The new opt-in two-factor protocol is currently rolling out to a limited number of beta testers and will gradually become available to more users as Apple builds up backend support.