How to enable Apple's secure two-step verification for your iCloud & iTunes accounts

By AppleInsider Staff

Last week's celebrity photo leaks were a stark reminder of what can happen to internet users that fail to follow basic security precautions, like enabling two-factor authentication when it's available. With Apple's own security practices under the microscope, AppleInsider shows you how to enable Cupertino's own implementation.

First, you'll need to login to Apple's web-based Apple ID management system at https://appleid.apple.com/account/home -- just click "Manage your Apple ID," then enter your credentials.

For many, this will be the first time you've actually heard of this portal. It's worth checking out; if you've previously found that updating billing or contact information on your iOS device is a chore, you can do it more easily here.

Once you've logged in, choose "Password and Security" from the navigation options on the left -- you'll be asked to verify your security questions -- then scroll down to the "Two-Step Verification" section. Click the blue "Get Started" link, then peruse the informational screens that follow -- if you still want to proceed, click "Continue."

Apple will send an SMS containing a verification code to the mobile number you've assigned to your Apple ID. It's important to note that if your number is out of date and needs to be changed, you'll have to wait three days after doing so to complete two-step setup -- this is a security measure that prevents malicious actors from immediately locking you out of your own account if it's compromised before two-step verification is enabled.

After you've received the SMS and entered the verification code, you'll then be able to designate as a trusted device any iPad, iPhone, or iPod touch on which you've used your Apple ID to enable Find my iPhone. These are the only devices you'll be able to receive future one-time codes on -- they're sent as a special push notification from Apple, unless you choose to allow codes to be sent via SMS.

Finally, Apple will generate a unique recovery key that can be used to access your account if you forget your password or don't have access to your trusted devices. This is a last resort; Apple recommends that you print or write down the recovery key and store it in a safe place -- in your home safe, for instance, or a safety deposit box.

This is important: if you forget your password, lose your recovery key, and don't have access to your trusted devices, you will not be able to login to your Apple ID, and Apple will not be able to help.

Once that's complete, you're finished. You'll be asked for a code the next time you try to login on the web, and Apple will be rolling out two-step verification for more actions -- like restoring backups to a new device -- in the near future.