Apple Restores Two-Factor Authentication to iCloud
Security Watch
SHARE
Facebook X Pinterest WhatsApp

Apple Restores Two-Factor Authentication to iCloud

Apple Restores Two-Factor Authentication to iCloud
Written By
Sean Michael Kerner
Sean Michael Kerner
Sep 17, 2014
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

More than three weeks after it was publicly shamed for leaky security, Apple has finally tightened security by enforcing two-factor authentication for iCloud access.

In the wake of the iCloud celebrity picture hacking attack (at the beginning of September), the security of Apple’s cloud service has been under scrutiny. Apple itself claimed that the attack was not the result of a breach of its iCloud system. Rather, Apple said the attack was targeted against usernames, which in Apple’s world is the AppleID system. One of the ways that Apple and other vendors often recommend to users to protect their credentials is through the use of two-factor authentication.

With two-factor authentication, a second password (or factor) is required in order to log into a site or service. Apple first announced support for two-factor authentication in March 2013. Apple’s two-factor authentication system leverages Short Message Service (SMS) as an optional delivery method to send users the second password.

While Apple has had two-factor authentication support for more than a year, it hasn’t always applied the technology to all its log-in systems. At the time of the celebrity hacking incident, the Web log-in for iCloud (at iCloud.com) apparently did not require the use of two-factor authentication. That means that if an attacker somehow was able to trick users into giving out AppleID passwords, the attacker could have had access to the user’s iCloud files, even if the user had two-factor support enabled.

Apple has not made an official statement about two-factor support for iCloud, though its publicly accessible support site provides some direction on the issue. An archived snapshot of Apple’s support page for two-factor authentication that was taken on Sept. 16 indicates that two-step authentication is used to sign in to My Apple ID to manage an account; make an iTunes, App Store or iBooks Store purchase from a new device; or get Apple ID-related support from the company.

The same page on Sept. 17 now includes an additional item: sign in to iCloud on a new device or at iCloud.com.

The simple truth of security is that you can have the best technology in the world, but if you don’t actually turn it on, it won’t work.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
Sean Michael Kerner
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information