Glad to see Apple boldly leading IT security into 1995.
Hey, NUDE CELEBS! Apple adds SWEET 2FA to iMessage, Facetime
Apple has activated a two-factor authentication (2FA) system for Facetime and iMessage, extending the service to beyond iCloud accounts in a move that it hopes will help secure its communications platforms. The feature has become effective immediately, meaning any attempt to activate the services on a new device would first …
COMMENTS
-
-
Friday 13th February 2015 13:25 GMT SuccessCase
Would have been mildly funny if you picked a year when other companies were doing two factor authentication on all their services well, instead of plumbing for a year even before MS thought allowing JavaScript in email messages was OK, FTP was the system for transferring files across the Internet and even your local Web admin's password was very often just "password"
-
-
-
-
-
Friday 13th February 2015 20:49 GMT Mike Bell
Re: What's the second factor?
@Bradley.
No, you don't.
If you wish to enable optional two step verification, you may use another phone or another Apple device to receive a verification code. If you don't have such a thing, don't enable it.
A printed recovery key may also be used if the verification device is unavailable.
But in any case, there are limited circumstances in which it swings into action, as described here. In the main, when making important security changes or setting up new devices with your Apple ID.
-
-
-
-
-
Friday 13th February 2015 11:48 GMT Anonymous Coward
Re: Not 2FA
Most (all I can think of) of what is touted as 2FA is the same, at least in terms of consumer level apps on phones, such as cloud storage etc. You can have it sent to another device (and only authorise a separate device) if you choose, but I can't think of a single service that actually insists on it. The logic being, I suppose, that your account can't be enabled on another phone elsewhere. If your phone was stolen the apps in question would presumably be enabled in any case, and if it has no access control set, that's your lookout.
-
-
-
Monday 16th February 2015 14:20 GMT Velv
So how do these SMS notifications work if you use something like O2s Tu Go?
SMS gets diverted to your device of choice (tablet, laptop, desktop), defeating the point that the system relies on "something you have". Opens up the possibility of remote attack if someone compromises your telephone number.