Affiliate Disclosure

If you buy through our links, we may get a commission. Read our ethics policy.

Apple's iPadOS 16.3 is out with support for security keys

iPadOS 16.3 is out now

Apple has released iPadOS 16.3 to the public with support for physical security keys that can add another layer of protection for Apple ID.

The iPadOS 16.3 update is is available to download by the public. It is a relatively minor release compared to iPadOS 16.2 with its most significant feature being support for security keys.

After a long beta cycle with relatively few beta versions, Apple finally revealed that the update would also bring support for the new HomePod. It also expands Advanced Data Protection to countries outside of the United States.

iPadOS 16.3 releases alongside iOS 16.3, macOS 13.2, and the other operating system updates. The releases are mostly focused on bug fixes and performance improvements.

How to install iPadOS 16.3 on the iPad

Open the Settings app.
Select General.
Select Software Update.
Select "Update to iPadOS 16.3."

If an iPad is set to automatically update, it will handle downloading and installing iPadOS 16.3 on the user's behalf.

Follow AppleInsider on Google News

6 Comments

SHK 9 Years · 27 comments

About 2 years ago

I'm not "getting" the benefit to Security Keys over two factor authentication, which is easy to use and effective.
I hope AI does a story like "who needs Security Keys" to help me understand it better.

beowulfschmidt 13 Years · 2391 comments

About 2 years ago

SHK said:

I'm not "getting" the benefit to Security Keys over two factor authentication, which is easy to use and effective.
I hope AI does a story like "who needs Security Keys" to help me understand it better.

Depends on the nature of the 2FA. A text or an email are the worst possible options because of the inherent insecurity of those systems. An authenticator app is only as good as the entity who created the app.

A Yubikey is just a number, albeit a moderately long one. And it never changes.

1 Like · 0 Dislikes

dewme 11 Years · 5942 comments

About 2 years ago

beowulfschmidt said:

SHK said:

I'm not "getting" the benefit to Security Keys over two factor authentication, which is easy to use and effective.
I hope AI does a story like "who needs Security Keys" to help me understand it better.

Depends on the nature of the 2FA. A text or an email are the worst possible options because of the inherent insecurity of those systems. An authenticator app is only as good as the entity who created the app.

A Yubikey is just a number, albeit a moderately long one. And it never changes.

I totally agree that a detailed article about all of the MFA options available to Apple device owners would be greatly appreciated. There are definately some benefits and pitfalls to every available option. For example, if you only use a hardware key and lose the key without having a backup or way to restore you authentication keys to a replacement device, you could be screwed.

dewme 11 Years · 5942 comments

About 2 years ago

It would be interesting to see how the security capabilities outlined in the article linked below map to technology and capabilities that Apple is now making available.

https://www.yubico.com/blog/passkeys-and-the-future-of-modern-authentication/

Obviously the least secure capability is username-password and the most secure capability is associated with the use of hardware security keys like the YubiKey, which Apple now supports.

Where does Apple’s PassKey fit?

Where do password managers like 1Password fit? Where do hardware keys fit for different types of users?

For example, it sounds like Apple allows users to use a properly prepared hardware key to unlock their iCloud account should it get accidentally or intentionally locked. This alone may be reason enough for some users to invest in a couple of hardware keys.

Apple seems to have a lot of information in a lot of different places. Unfortunately I haven’t come across a single article that connects more of the dots like the Yubicon article does.

JSF 2 Years · 2 comments

About 2 years ago

SHK said:

I'm not "getting" the benefit to Security Keys over two factor authentication, which is easy to use and effective.
I hope AI does a story like "who needs Security Keys" to help me understand it better.

"Security Keys" are a generic name for FIDO2. FIDO2 is a strong, phishing resistant form of 2FA/MFA. The older styles of MFA, OTP for example, use a cyptographic secret that is the same on both sides. The same secret key is in the Authentication app (google authenticator, for example) AND the back end service. If that service is compromised and that secret is taken by hackers, they can then login as you. A hacker can also build a fake site that looks just like the site you are trying to login to and capture your OTP secret to quickly replay and login as you. That OTP secret is in no way tied to the website you are logging into. You might be redirected to www.G00GLE.com (instead of www.GOOGLE.com) so that the hacker can intercept your login info.

FIDO2 is a public/private key cryptographic MFA solution. That means that the Security Key generates the public and private keys ON The Security Key. The Public key is sent up to the website and the Private Key is ONLY stored on the security key and can NEVER be exported. This means that you cannot login without your security key as that private key is only stored on the security key. This is a MUCH stronger method of MFA. It can also be PIN protected so that you must enter your PIN to use the Key to login. IT also is phishing resistant. The web site URL data and AppID is baked into the cryptographic secret so that if you do go to www.G00GLE.com, the authentication will not work. Again much more secure than the other types of MFA.

You might have heard of PassKeys. That is a technology pushed by Apple, Google, and Microsoft that is based on FIDO2. It is essentially the software version of FIDO. The public and private keys are generated on your computer or phone. They are then stored in you iCloud keychain and synchronized across your Apple Devices. The credentials store in iCloud Keychain are protected by a biometric or a PIN. Passkeys are a good solution, but I prefer an actual Security Key so that my private keys are secured. Not that Apple's concept is bad, but if they were hacked the private key MIGHT be exposed to a hacker.

I hope that makes sense.

1 Like · 0 Dislikes

Read More on our Forums ->

Sponsored Content

article thumbnail

Spruce up your smart home with up to 30% off Aqara cameras, locks & sensors at Amazon

Top Stories

article thumbnail

WWDC will be on June 9 with iOS 19, Apple Intelligence updates, and more

article thumbnail

M3 iPad Air review: Same great do-it-all iPad with a faster chip

article thumbnail

New iPhone 17 Air leak shows off what may be the thinnest iPhone ever

article thumbnail

Apple faces billions in liability from Trump's TikTok ban delay

article thumbnail

What to expect from the M5 MacBook Pro, and when to expect it

article thumbnail

Amazon's Big Spring Sale starts now, save up to $400 on Apple products