Apple now lets you protect your Apple ID and iCloud account with hardware security keys, a significant upgrade for those who want maximum protection from hackers, identity thieves, or snoopers.
that communicate with USB or Lightning connectors, or with NFC wireless data connections when you sign in to a device or an account. Since you must have keys in your possession to use them, they are effective in thwarting hackers trying to get into your account remotely. And they don’t work on fake login pages, so they can thwart phishing attacks that try to trick you into entering your password on a fake website.
Support for the keys came with iOS 16.3 and macOS 13.2 on Monday and Tuesday, Apple has released details on using security keys with iPhones, iPads and Macs. The company requires you to set up at least two keys.
Apple has been working to tighten security over the past few months, which has been impacted by iPhone breaches. came out in December and offers a stronger encryption option for data stored and synced with iCloud. And in September, Apple added This includes new guard rails on how your phone works to thwart outside attacks.
One big caveat: while hardware security keys and the Advanced Data Protection program do a better job of locking down your account, they also mean Apple can’t help you regain access.
“This feature is intended for users who often face concerted threats to their online accounts due to their public profile, such as: B. Celebrities, journalists and government officials.” Apple said in an opinion. “This takes our two-factor authentication even further and prevents even an advanced attacker from getting a user’s second factor in a phishing scam.”
Industry tightens login security
The technology is part of an industry-wide tightening of authentication procedures. Thousands of data breaches have exposed the weaknesses of traditional passwords, andsuch as security codes sent via SMS. Hardware security key and another approach called offer security, even when it comes to serious attacks such as hackers .
Hardware security keys have been around for years, but the Fast Identity Online or FIDOthe group has helped standardize the technology and integrate its use into websites and apps. A major advantage on the web is that they are linked to specific websites, such as Facebook or Twitter, thus thwarting phishing attacks that try to trick you into logging into fake websites. They are the basis for Advanced protection program from Googlealso for those who want maximum security.
You must select the correct hardware security keys for your devices. To communicate with relatively new models of Macs and iPhones, a key that supports USB-C and NFC is a good option. Apple requires you to have two keys, but it’s not a bad idea to have more in case you lose them. A single key can be used to authenticate to many different devices and services such as your Apple, Google and Microsoft accounts.
two new FIDO-certified YubiKey models in its consumer grade security key series. Both support NFC, but the $29 model has a USB-C port and the $25 model has a legacy USB-A port.he announced on Tuesday
Google, Microsoft, Apple and other allies are also working to support another FIDO authentication technology called Passkeys.together and they do not require hardware security keys.