The new iOS login technology makes it super hard to hack your iCloud account

The new iOS login technology makes it super hard to hack your iCloud account
Written by admin

Apple now lets you protect your Apple ID and iCloud account with hardware security keys, a significant upgrade for those who want maximum protection from hackers, identity thieves, or snoopers.

Hardware security keys are small physical devices that communicate with USB or Lightning connectors, or with NFC wireless data connections when you sign in to a device or an account. Since you must have keys in your possession to use them, they are effective in thwarting hackers trying to get into your account remotely. And they don’t work on fake login pages, so they can thwart phishing attacks that try to trick you into entering your password on a fake website.

Support for the keys came with iOS 16.3 and macOS 13.2 on Monday and Tuesday, Apple has released details on using security keys with iPhones, iPads and Macs. The company requires you to set up at least two keys.

Apple has been working to tighten security over the past few months, which has been impacted by iPhone breaches Pegasus spyware by NSO Group. Enhanced privacy from Apple came out in December and offers a stronger encryption option for data stored and synced with iCloud. And in September, Apple added iPhone lock mode This includes new guard rails on how your phone works to thwart outside attacks.

One big caveat: while hardware security keys and the Advanced Data Protection program do a better job of locking down your account, they also mean Apple can’t help you regain access.

“This feature is intended for users who often face concerted threats to their online accounts due to their public profile, such as: B. Celebrities, journalists and government officials.” Apple said in an opinion. “This takes our two-factor authentication even further and prevents even an advanced attacker from getting a user’s second factor in a phishing scam.”

Industry tightens login security

The technology is part of an industry-wide tightening of authentication procedures. Thousands of data breaches have exposed the weaknesses of traditional passwords, and Hackers can now thwart popular two-factor authentication technologies such as security codes sent via SMS. Hardware security key and another approach called master key offer security, even when it comes to serious attacks such as hackers Access to LastPass customers’ password manager files.

Hardware security keys have been around for years, but the Fast Identity Online or FIDOthe group has helped standardize the technology and integrate its use into websites and apps. A major advantage on the web is that they are linked to specific websites, such as Facebook or Twitter, thus thwarting phishing attacks that try to trick you into logging into fake websites. They are the basis for Advanced protection program from Googlealso for those who want maximum security.

A screenshot showing Apple's support for hardware security keys

Apple added hardware security key support to iOS 16.2 and macOS 13.2.

Screenshot by Stephen Shankland/CNET

You must select the correct hardware security keys for your devices. To communicate with relatively new models of Macs and iPhones, a key that supports USB-C and NFC is a good option. Apple requires you to have two keys, but it’s not a bad idea to have more in case you lose them. A single key can be used to authenticate to many different devices and services such as your Apple, Google and Microsoft accounts.

Yubico, the leading manufacturer of hardware security keyshe announced on Tuesday two new FIDO-certified YubiKey models in its consumer grade security key series. Both support NFC, but the $29 model has a USB-C port and the $25 model has a legacy USB-A port.

Google, Microsoft, Apple and other allies are also working to support another FIDO authentication technology called Passkeys. Passkeys are designed to replace passwords together and they do not require hardware security keys.

About the author


Leave a Comment