Setting up two-step verification for Apple ID and iCloud security

Since you're probably moving to iOS 8 soon -- if not as soon as possible after it goes live -- you might want to start thinking about security as well. In particular, Apple has recently enabled two-step verification for iCloud. What's two-step authentication? As Apple describes it on this web page, "Two-step verification is an additional security feature for your Apple ID that's designed to prevent anyone from accessing or using your account, even if they know your password." Considering the recent issues involving nude celebrity photos that were pulled from iCloud, it's great to see that Apple added one more level of security.

Basically, two-step verification requires you to verify your identity using one of your devices before you can sign into My Apple ID to manage your account, sign in to iCloud on a new device or at, make an iTunes, iBooks or App Store purchase from a new device, or get Apple ID related support from Apple.

I recently set up two-step verification for my Apple ID, and the process isn't that difficult. To begin with, sign into My Apple ID using your Apple ID and password. Once you're in, go to the Password & Security tab on the left side of the My Apple ID page and click it. Under two-step verification, select Get Started, and then follow the simple onscreen instructions.

Note that this doesn't all happen in one day. You'll actually have to wait a few days for an email to arrive:

Email from Apple regarding two-step authentication

Now what will happen is that each and every time you log in to make changes to your account, make a purchase, or connect from a new device, you'll have to verify your identity from one of your devices. This requires you to receive a 4-digit random code on one of your trusted devices that must be entered in to verify that you're coming in from that trusted device.

Just yesterday, Apple sent out an update email to two-step authentication users letting them know that the service also protects iCloud. The email, seen below, also includes information about the requirement for app-specific passwords starting on October 1, 2014.

Apple two-step verification email

That's a big deal. If you use iCloud to store data from any third party apps and you're using two-step verification, remember that you will need to get an app-specific password in order to make it work starting on October 1, 2014.