Apple has introduced security keys as an additional step to help users protect their Apple ID accounts. Read on to learn why the alternate authentication method is the most secure method available, and what you need to do to set it up.
What are security keys?
With the release of iOS 16.3, iPadOS 16.3, and macOS Ventura 13.2, Apple introduced support for security keys, or physical devices that can verify your Apple ID instead of a passcode.
Apple designed the feature for people who require additional protection against targeted attacks, such as phishing or social engineering scams.
The added protection provided by security keys means that if someone had your Apple ID and password, they couldn’t access your account without your physical security key, which replaces the traditional verification code provided by two-factor authentication.
How do security keys work?
With a security key enabled, signing in to an Apple ID requires entering your account password and then using a security key to complete the two-factor authentication process, rather than the traditional six-digit verification code that is Send to another Apple device registered to the same account
Why it is worth using security keys
It’s worth noting at the outset that using physical security keys places the onus on you to be careful not to lose them, otherwise you could permanently lose access to your Apple account. That’s why Apple requires users to set up at least two security keys and supports up to six in total.
Having two physical security keys configured means you can keep them in more than one secure location. For example, you can keep one at home and one at work, or you can keep one with you when you travel while the other stays safe at home.
Once you’ve set up security keys, you can use them to sign in with your Apple ID on a new device or on the web, reset your Apple ID password, and add or remove additional security keys from your account.
What you can’t do with security keys
There are some things worth noting that you can’t do with security keys.
- You can’t use them to sign in to iCloud for Windows.
- You cannot sign in to older devices that cannot be upgraded to a security key-compatible software version.
- Safety keys don’t support child accounts or Managed Apple IDs.
- Apple Watches that are paired with a family member’s iPhone are not supported.
Security Keys Worth Considering
Most security keys look like a typical USB stick, with some options available with NFC for wireless use and others equipped with Lightning, USB-C, and/or USB-A ports for direct connectivity to iPhones, iPads, and Macs.
There are many options on the market when it comes to buying security keys, but the main thing to consider when choosing one is that it is FIDO certified and has a connector that will work with your Apple devices. Some options recommended by Apple include:
Visit the FIDO Showcase website for a complete list of FIDO Alliance certified keys.
How to enable security keys on iPhone and iPad
- throw the settings app on your iOS device.
- Tap your name on the Apple ID banner.
- Tap password and security.
- Tap security keys.
- touch the blue Add security keys and follow the instructions on the screen.
You can remove security keys at any time by repeating the steps above and tapping or clicking Remove all security keys. If you do, your Apple ID will revert to using a traditional six-digit verification code for two-factor authentication.
How to enable security keys on Mac
- Click the Apple symbol () in the menu bar of your Mac and select System settings….
- Click your name at the top of the sidebar.
- Click password and security.
- In the “Security Keys” menu section, click Add…then follow the instructions on the screen.
After following the steps above, you will have the opportunity to review the devices linked to your Apple ID, with options to stay signed in or sign out of any associated Apple devices.
You can stop using security keys on your Mac by going to System Settings -> [your name] -> Password and security. Click security keysthen click Remove all security keys. If you do, your Apple ID will revert to using a traditional six-digit verification code for two-factor authentication.