Apple now allows you to protect your Apple ID and iCloud account with hardware security keys, a physical access technology that offers maximum protection from hackers, identity thieves and snoops.

Hardware security keys are small physical devices which communicates with USB or Lightning ports or NFC wireless data connections when you sign in to a device or account. You must have the keys to use them, so they are effective at preventing hackers from trying to access your account remotely. Since they won’t work on fake login sites, they can prevent phishing attacks that try to trick you into entering your password on a fake website.

Button support arrived on Monday with iOS 16.3 and MacOS 13.2, and on Tuesday, Apple has published details on how to use security keys With iPhone, iPad and Mac. The company requires you to install at least two switches.

The move follows hardware security key support from other tech companies such as Google, Microsoft, Twitter and Facebook parent Meta.

Apple has been working to strengthen security in recent months due to breaches involving the iPhone NSO Group’s Pegasus spyware. Apple’s Advanced Data Protection option It arrived in December, giving a stronger encryption option to data stored and synced with iCloud. In September, Apple added iPhone lock mode it includes new protective bars on how your phone works to prevent outside attacks.

A big caveat, though: While hardware security keys and Advanced Data Protection lock down your account better, they also mean Apple can’t help you regain access.

“This feature is intended for users who face joint threats to their online accounts, often due to their public profiles, such as celebrities, journalists and members of government.” Apple said in his statement. “This takes our two-factor authentication even further, preventing even an advanced attacker from obtaining a user’s second factor in phishing scams.”

Industry is strengthening access security

The technology is part of an industry-wide tightening of authentication procedures. Thousands of data breaches have shown the weaknesses of traditional passwords and hackers can now bypass common two-factor authentication technologies such as security codes sent by text message. The hardware is called security switches and another approach toggle switches offer peace of mind even when it comes to serious attacks like hacker wins Access to LastPass customers’ password manager files.

Hardware security keys have been around for years, but Fast Identity Online or FIDO, the group helped standardize the technology and integrate its use with websites and apps. One of the great advantages of the Internet is that they are linked to specific websites, such as Facebook or Twitter, so they prevent phishing attacks that force you to visit fake websites. It is essential for them Google’s Advanced Protection Programalso for those who want maximum security.

Screenshot of the MacOS signup process to use hardware security keys to protect your iCloud account

MacOS and iOS allow you to protect your iCloud account and Apple ID with hardware security keys.

Screenshot by Stephen Shankland/CNET

You need to choose the right security keys for your devices. A USB-C and NFC-enabled dongle is a good choice for connecting to relatively recent models of both Macs and iPhones. Apple requires you to have two keys, but it’s not a bad idea to have more in case you lose them. A single key can be used to authenticate to many different devices and services, such as your Apple, Google, and Microsoft accounts.

Yubico, the best manufacturer of hardware security switchesannounced on Tuesday two new FIDO-certified YubiKey models in the consumer-friendly Security Key Series. Both support NFC, but the $29 model has a USB-C connector and the $25 model has an older-style USB-A connector.

Google, Microsoft, Apple and other allies are also working to support a different FIDO authentication technology called passkeys. Passkeys are intended to replace passwords generally and they do not require hardware security keys.

Leave a Reply

Your email address will not be published. Required fields are marked *